On February 16, 2023 8:57:49 PM EST, Mark Alley via mailop <mailop@mailop.org> wrote: >As long as the organizational domain you want reports for is the same >as >you have published in the DMARC RUA/RUF "mailto" tags, then no, you do >not >need it to be able to receive said reports. > >- Mark Alley > >On Thu, Feb 16, 2023, 7:47 PM H <age...@meddatainc.com> wrote: > >> On February 16, 2023 6:37:42 PM EST, Mark Alley via mailop < >> mailop@mailop.org> wrote: >> >You only need to create that record if you are sending the >> >aggregate/failure reports for a particular domain that is different >> >from >> >the one the reports are actually on behalf of. >> > >> >So for example, if you owned domain1.com and wanted to send RUA/RUF >> >reports >> >for domain1.com to a mailbox at domain2.com (assuming you own >domain2), >> >you >> >would need to create the TXT record in domain2 - >> >"domain1.com._report._ >> >dmarc.domain2.com" IN TXT "v=DMARC1;" >> > >> >If you're using an external third party for report analysis, usually >> >they >> >have a wildcard published in their DNS for this "_report._dmarc" >> >subdomain, >> >so you don't have to worry about it in that case. >> > >> > >> >- Mark Alley >> > >> > >> >On Thu, Feb 16, 2023, 4:14 PM H via mailop <mailop@mailop.org> >wrote: >> > >> >> On 02/11/2023 07:42 PM, H wrote: >> >> >> >> On 02/11/2023 01:55 AM, Gellner, Oliver via mailop wrote: >> >> >> >> >> >> On 2023-02-11 02:51 H via mailop wrote: >> >> >> >> >> >> On 02/10/2023 10:13 AM, Gellner, Oliver via mailop wrote: >> >> >> >> On 2023-02-10 04:08, H via mailop wrote: >> >> >> >> I now did find that resource but it is written as general >information >> >and does not really tell how to get it going with IONOS if they run >the >> >email server... >> >> >> >> As far as I understood you not only use Ionos as your registrar, >but >> >also use their email server to send your email through. Ionos does >not >> >DKIM sign emails on behalf of its customers, at least they didn't do >so >> >in the past. So the answer is simple: You do not set up DKIM or >DMARC >> >at all, because you can't. >> >> The instructions given by Ionos are only valid if your email is >sent >> >and signed by some other server and you want to add the DKIM public >key >> >to your domain hosted at Ionos. >> >> >> >> -- >> >> BR Oliver >> >> >> >> Thank you, you are starting with the first issue, ie whether I can >> >even >> >> have a DKIM record given that the domain is hosted by Ionos as is >the >> >mail >> >> server. Upon my additional research I have come to the same >> >conclusion as >> >> you, ie not possible. >> >> >> >> By the way, I stumbled across this posting on the net - >> >> >> > >> >https://serverfault.com/questions/1030262/record-dkim-on-ionos-makes-sense >> >> - that as far as I can tell is still true. >> >> >> >> So, I will now look at creating a DMARC record given that I have >> >> previously created a SPF record and will not be able to have a >DKIM >> >record. >> >> >> >> I recommend against setting up a DMARC record with a policy of >> >quarantine >> >> or reject as long as DKIM signing isn‘t in place. The SPF >> >authentication >> >> will break for all forwarded messages as well as for all automatic >> >replies >> >> or non-delivery reports. It will do mire harm than good. >> >> Of course if you‘re interested in the reporting you can create a >> >DNARC >> >> record with a none policy and only change that after you have >moved >> >to a >> >> different email provider who supports DKIM. >> >> >> >> — >> >> BR Oliver >> >> >> >> ------------------------------ >> >> dmTECH GmbH >> >> Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 >Karlsruhe >> >> Telefon 0721 5592-2500 Telefax 0721 5592-2777 >> >> dmt...@dm.de <dmt...@dm.de> * www.dmTECH.de <http://www.dmtech.de> >> >> GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927 >> >> Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher >> >> ------------------------------ >> >> Datenschutzrechtliche Informationen >> >> Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an >unser >> >> ServiceCenter Fragen haben, bei uns einkaufen oder unser >dialogicum >> >in >> >> Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung >stehen >> >oder >> >> sich bei uns bewerben, verarbeiten wir personenbezogene Daten. >> >> Informationen unter anderem zu den konkreten Datenverarbeitungen, >> >> Löschfristen, Ihren Rechten sowie die Kontaktdaten unserer >> >> Datenschutzbeauftragten finden Sie hier >> >> >> >< >> >https://www.dm.de/datenschutzerklaerung-kommunikation-mit-externen-493832> >> >> . >> >> >> >> >> >> _______________________________________________ >> >> mailop mailing >> >listmailop@mailop.orghttps://list.mailop.org/listinfo/mailop >> >> >> >> I see. As I am sure everyone has noticed, I am a complete newbie >to >> >> SPF/DKIM/DMARC (and a lot of other things.) >> >> >> >> Understanding your message, creating a DMARC with "none" policy >would >> >not >> >> have any downside? When you say "reporting", what type of >reporting >> >would >> >> that be and how could I benefit from such reporting? >> >> >> >> I have created a DMARC record and checked that it is correctly set >up >> >on a >> >> DMARC check site. I understand that in order to receive these >reports >> >I >> >> also need to create a EDV record among my domain DNS settings? >> >> >> >> Googling around I have not found any clear instructions on how to >do >> >so? >> >> >> >> At this time my understanding is that I need to create another TXT >> >record >> >> where the host field would contain "mydomain.com._report._ >> >> dmarc.mydomain.com" and the value field would contain "v=DMARC1". >> >> Mydomain above would of course be replaced with the actual domain >> >name. >> >> >> >> Thanks. >> >> _______________________________________________ >> >> mailop mailing list >> >> mailop@mailop.org >> >> https://list.mailop.org/listinfo/mailop >> >> >> >> Since I will be analyzing the data myself, no third-party involved, I >do >> not this type of record, correct? >>
Thank you for your further clarification. It's up and running and I have reviewed the first report. Besides reviewing the XML files themselves, I have also used one of the available websites. Even more convenient would be a linux utility to run on my own computer... _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
