On Sat 15/Jun/2024 18:27:15 +0200 Tobias Fiebig via mailop wrote:
Do reports received at dm...@aperture-labs.org contribute to the
output of email-security-scans?
No, of course not; esec.o is tests-are-atomic. Technically I _could_
(or rather: should) try to implement something similar to what I am
already doing for the TLS-RPT test for DMARC _sending_ as well
(currently, I am only testing deliverability of RUA/RUF).
TLS-RPT reports seem to be more useful than DMARC ones. I, for one, forward
them to a daily-seen folder when they contain failed connections, which doesn't
happen every day. (In some cases, I remove the blocked IP from the firewall.)
DMARC reports have a plethora of failures every day, due to mailing lists.
Sporadically, I take a look at them, but not always, and never sum them up.
However, I skipped on that initially, because:
- It is more about receiving than sending (and esec.o was initially
sending focused)
- It is difficult to fill in an identifier there; Technically, I could,
e.g., send from unique domains (difficult, as some large domains are
now blocked for the startup mail and have a web-only-flow; Also,
deliverability for that is likely low(er)), or add something where
you can request the DMARC test in addition when you submitted the
some test results. Sending DKIM&SPF invalid mails for the test should
further reduce the noise (while still triggering reports). However,
that would have to be implemented, and I am currently struggling with
the very stupid idea somebody had some when that a day should just
have 24h.
Some hold DKIM reports are to be delivered just around midnight.
You'd need several domains, all having a rua= pointing to you. I'd donate a
(sub) domain to that effort. I'm donating a couple of domains to Project Honey
Pot. Unlike that project, however, in this case donated domains will have to
actively send replies.
Similarly, it would kind of make sense to maybe tie in the internet.nl
suite and display/integrate those results as well. But again, time.
So, somewhat related: If somebody suffers from an abundance of time, is
kind of good with python, mail, and PHP... and would like to work on
what is objectively likely some of the worst code they have ever
seen... drop me a line. ;-)
I'm tempted, although Python is not my forté.
Best
Ale
--
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
