On 10/22/20 3:23 AM, Bastian Blank wrote: > Hi name less > > On Wed, Oct 21, 2020 at 10:13:54AM -0700, PGNet Dev wrote: >> I've online-checked SPF/DMARC records for 'intuit.com'; all _seems_ to be ok. >> I've cranked up opendmarc logging level to >> MilterDebug 5 >> with that, on failed attempt, I see only an unhelpful >> Oct 21 09:43:39 mx.example.com opendmarc[7977]: 4CGbb3aX1Pz2N: >> intuit.com fail > > This is not Postfix! > >> Trying 1st from @gmail.com (or any domain i've tried _other_ than >> 'intuit.com') > > Please see the DMARC policy of gmail.com, especially the "none" policy: > > | _dmarc.gmail.com. IN TXT "v=DMARC1; p=none; sp=quarantine; […]"
I know :( This is really a security hole in gmail. Given the popularity of gmail, however, I seriously suggest somehow treating gmail as if it had p=reject, as it should. Sincerely, Demi
OpenPGP_0xB288B55FFF9C22C1.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
