Skip to content

Commit 1712a8b

Browse files
msimersonmsimerson
committed
FAQ is now a pointer to the GitHub wiki FAQ
1 parent 714a4f5 commit 1712a8b

File tree

1 file changed

+2
-49
lines changed

1 file changed

+2
-49
lines changed

FAQ.md

+2-49
Original file line numberDiff line numberDiff line change
@@ -1,52 +1,5 @@
11

2-
## What is DMARC?
2+
The Mail::DMARC [FAQ is here](https://github.com/msimerson/mail-dmarc/wiki).
33

4-
DMARC provides a way to exchange authentication information and policies among mail servers.
5-
6-
DMARC benefits domain owners by preventing others from impersonating them. A domain owner can reliably tell other mail servers that "it it doesn't originate from this list of servers (SPF) and it is not signed (DKIM), then reject it." DMARC also provides domain owners with a means to receive feedback and determine that their policies are working as desired.
7-
8-
DMARC benefits mail server operators by providing them with a reliable (DKIM and SPF have reliability issues when used independently) means to block forged emails. Is that message really from PayPal, Chase, Gmail, or Facebook? Since those organizations, and many more, publish DMARC policies, operators have a definitive means to know.
9-
10-
## How does DMARC work?
11-
12-
From the DMARC Draft: "DMARC operates as a policy layer atop DKIM and SPF. These technologies are the building blocks of DMARC as each is widely deployed, supported by mature tools, and is readily available to both senders and receivers. They are complementary, as each is resilient to many of the failure modes of the other."
13-
14-
## Protect a domain with DMARC
15-
16-
For details on these steps, see Section 10 of the draft: Domain Owner Actions
17-
18-
1. Deploy DKIM & SPF
19-
2. Ensure identifier alignment.
20-
3. Publish a "monitor" record, ask for data reports
21-
4. Roll policies from monitor to reject
22-
23-
24-
## How do I validate messages with DMARC?
25-
26-
1. install Mail::DMARC
27-
28-
2. install a public suffix. See http://publicsuffix.org/list/
29-
30-
3. process messages through DMARC
31-
32-
a. With the [Qpsmtpd DMARC plugin](https://github.com/qpsmtpd-dev/qpsmtpd-dev/blob/master/plugins/dmarc)
33-
b. With a SpamAssassin rule?
34-
c. other ideas here...
35-
36-
## Where can I find more information on DMARC?
37-
38-
http://www.dmarc.org/
39-
40-
http://dmarcian.com
41-
42-
Mar 31, 2013 Draft: https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/
43-
44-
Mar 30, 2012 Draft: http://www.dmarc.org/draft-dmarc-base-00-02.txt
45-
46-
https://github.com/qpsmtpd-dev/qpsmtpd-dev/wiki/DMARC-FAQ
47-
48-
49-
## What's the issue with DMARC and email lists?
50-
51-
DMARC policies are not appropriate for domains with users who send mail through mailing lists or forwarders. SPF does not (generally) cover this use case and DKIM signatures are routinely invalidated by mailing lists that append trailers and subject prefixes. When users send email to email lists from a domain with a reject or quarantine policy, recipients whose mail server performs DMARC validation may block the message. Consequently, DMARC validators SHOULD attempt to distinguish among message streams from well behaved mailing lists and whitelist them.
4+
https://github.com/msimerson/mail-dmarc/wiki
525

0 commit comments

Comments
 (0)