Hi Helmut,
��
I am doind DMARC - I will need to remember exactly what I have
done.�� It was not difficult if I recall, but I am not really sure
how much it has benefited me (as some of these things go).
DMARC simply comprises the publishing of DKIM and SPF records in DNS, then signing outgoing mail from your domain using your DKIM private key. Servers out there have access to your public key and so check it the messages you send pass the verification process for DMARC.
You're not sure how it has helped you? Well, domains that public DMARC records get high acceptability with servers that do spam filtering. The fact that mails from your domain pass the DMARC verification tests will make your mail score less with spam filters and so be easily acceptable.
Unfortunately I am right in the beginning of a large consulting
project (moving a client from on-prem Exchange to Office365 -
FUN!).�� I should be completed by the end of the weekend and will
dig out what I did to set it all up.�� I may no be doing it all
correctly, but I do get the occasional DMARC remorts from other
domains that are also participating.
Getting the occasional DMARC reports is normal. I think I actually get them daily for all the domains/servers that I have configured with DKIM signing.
��
What I am actually talking about here is the addition of DMARC checks to our exim4u configuration, so that your server is also able to reject forgeries as well as send those reports.