Australian Tech

222 readers

1 users here now

For techs and techy stuff.

founded 1 year ago

MODERATORS

lodion@aussie.zone

Reject mail that does not have a DMARC policy enabled (aussie.zone)

submitted 1 month ago by maniacalmanicmania@aussie.zone to c/austech@aussie.zone

2 comments fedilink hide all child comments

I'm crossposting this in case any locals know how to do this. I'm at a loss.

cross-posted from: https://aussie.zone/post/21115161

How can I reject mail that does not have a DMARC policy enabled? Using Postfix 3.6.4 and OpenDMARC 1.4.2.

you are viewing a single comment's thread
view the rest of the comments

[–] voracitude@lemmy.world 1 points 1 month ago* (last edited 1 month ago)

Okay, something I don't get. Why is setting a specific DMARC policy more effective or desired than always strictly checking that SPF and DKIM pass on the receiving end? Gotta have both of those set up anyway for DMARC to pass, and the advice to small business owners from Big Tech in 2025 is still that DMARC isn't mandatory for "small senders" (less than 1000 emails a month I think is he criterion). DMARC just seems like extra cruft, if it requires SPF and DKIM to be aligned in order for your email to pass it when everything is properly configured.

Edit: I should make clear as well, I understand DMARC has uses other than setting the policy, but since we're talking about the policy specifically I'm playing devil's advocate a bit. Though I am honestly not sure I understand the argument for requiring DMARC on the sender's end to tell you how to handle their mail in the event of authentication failure, instead of simply requiring strict alignment for SPF and DKIM specifically in your spam filter settings.