This is good, no action means not blocked or rejected.
15.02.2026 22:14
π 1
π 0
π¬ 1
π 0
This is good, no action means not blocked or rejected.
Yes I did, you're welcome!
Is this domain configured with a p=reject policy? What insights do the reports provide? Are messages rejected, or do SPF or DKIM pass validation? The M3AAWG published best common practices for parked domains: www.m3aawg.org/sites/defaul...
It also includes a quiz for anyone who believes they have mastered the fundamentals and would like to test their knowledge. I am curious to see if you can achieve a perfect 10 out of 10. π
An exceptionally well written and comprehensive post! Thanks for sharing! To make email authentication easier to understand, I created LearnDMARC.com. It is a free tool that visually explains how the validation process works, making it much clearer how SPF, DKIM, and DMARC interact.
If you want to test your email authentication setup, have a go at DMARCtester.com. It visualizes the validation process from a receiving server perspective.
Advanced or Direct setup? Have you tested your RFC compliance? webkeydirectory.com
Google has streamlined its SPF record, reducing it by three DNS lookups. www.uriports.com/blog/google-...
You might want to read up on asymmetric cryptography. The DNS record contains the public key, not the private key used for signing DKIM. learndmarc.com
This is one of the most inaccurate and confusing DMARC infographics Iβve seen. It appears to be created either by someone unfamiliar with the standard or by a flawed AI tool.
Started my day with a smile... Thanks. To work around the limit, use subdomains or SPF macros: www.uriports.com/blog/spf-mac...
Shameless plug: check out my URIports.com β it analyzes and aggregates your reports, notifies you only when something needs attention, and starts at just $12/year!
I tried the same with SFP and DMIK β shockingly, still no luck. These protocols are *so* picky about spelling!
Sure there is: dmarcvendors.com. If you are looking for a SAAS, have a look at mine: uriports.com
RFC 7489 does not mention "forensic reports" anywhere. Section 7.3 refers to "failure reports," which can be used for forensic analysis. To avoid confusionβespecially among those new to email authenticationβwe should use the correct terminology.
Failure reports are incorrectly referred to as "Forensic Reports,". Additionally, the explanation of "Relaxed Alignment" could be improved as it means that subdomains are ignored for alignment purposes, and as long as the Organizational Domain matches, the identifier will pass alignment.
NEW BLOG: Smart Home Cinema smarthomegeeks.io/smart-home-c...
#SmartHome #Cinema #HomeTheater #HomeAssistant #HomeAutomation #FutureOfLiving #IoT
NEW BLOG: Fingerprint Doorbell for Smart/Electronic Locks and Garage Doors smarthomegeeks.io/fingerprint-...
DMARC: Instructs receiving mail servers (MTAs) on how to handle messages when *BOTH* SPF and DKIM checks fail, and provides detailed reports. Additionally, DMARC checks alignment between the domain used for authentication and the domain in the RFC5322.From header. π learnDMARC.com
This isn't a DMARC monitoring tool; it simply validates the email authentication of a message you send to it. In contrast, a DMARC monitoring service provides insight into all email traffic claiming to come from your domain.
Hereβs mine: uriports.com/dmarc β feature-rich, privacy-first, and easy to use. Affordable too: starting at just $12 per year, with a free 30-day trial and no payment details needed.
Thereβs even an AI-narrated podcast at the top of the post for those who prefer listening over reading.
I've created a few resources that might help: LearnDMARC.com visualizes the authentication process between servers, and this blog post uses an easy-to-understand analogy to explain SPF, DKIM, and DMARC: www.uriports.com/blog/introdu....
DMARCbis replaces the PSL with DNS Tree Walk: What's the Difference? www.uriports.com/blog/dmarcbi... #DMARC #DMARCbis #DNS
Ever wonder what email servers are doing behind the scenes? At learndmarc.com, we turned the confusing world of email authentication into a visual story.
π‘ Watch servers talk it out.
π― Take the DMARC quiz.
π¬ Paste email headers.
Perfect for learners and IT pros!
Google DMARC reports are back! After going quiet since April 13, Google has resumed sending DMARC aggregate reports as of 19:15 UTC today. So far, the reports only include data from yesterday (April 16), but it is a good sign that things are starting to flow again.
#DMARC #EmailSecurity #Google
MTA-STS-POLICY Check incorrectly identifies the policy as being in testing mode, even though it is set to enforce. Consider adding an explanation that the siteβs inability to detect DKIM doesnβt necessarily mean DKIM isnβt configured or working correctly. Do you check for all common selectors?
Even if a domain is not used for email, enabling DMARC helps prevent spoofing. It is also essential to configure SPF, DKIM, and DMARC for parked domains. www.m3aawg.org/sites/defaul...
Chrome now supports potential-permissions-policy-violation Reports! With the latest 134 update, Chrome can now generate potential-permissions-policy-violation reports, helping developers catch Permissions Policy conflicts before they happen. More in our latest blog: www.uriports.com/blog/potenti...