On Sun, January 18, 2015 20:14, John wrote:
> I am not sure about implementing DMARC on my servers.
> However, is it worth adding a DMARC record to the DNS? What, if
> anything, would it buy us.

Nothing, unless you have somebody to read the reports and the capacity
to act on them.  All DMARC will tell you is if somebody else is
pretending to be you.  It does, however, help protect other people
from getting fraudulently addressed email claiming to originate from
your domain.

Services exist that will accept DMARC reports and analyse them for
you.  I am not sure about the privacy and security implications of
that approach.

> If we were to add such a record, what would be the "best" setup/set of
> parameters be?
>

If you have people posting though mailing lists then it is likely best
that you leave DMARC policy set to none or possibly quarantine. 
Reject is probably too severe to seriously consider for some time yet;
Yahoo, AOL et al. positions on the matter notwithstanding.  Be aware
that Google will deliver quarantined messages to the Gmail users spam
folder. User sending mail from a quarantined DMARC domain through a
mailing list will likely have many of their messages disappear when
sent to subscribers with Gmail accounts.

-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:byrn...@harte-lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

Reply via email to