Some of our domains receive TLS reports for connections their mx's didn't make on behalf of any user of such a domain.
Are such reports usually only sent for DMARC-aligned senders or even for forged senders to the actual MX? As we get DMARC reports from the same receivers, that show forged senders, I believe they are sent for forged senders as well. The volume of this is getting above noise threshold and I might block them. I also wonder what the MX's that we control (those which we don't control too tbh) actually do regarding this. *Puts on a way too long list* Whats your take on this? _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
