Sendmarc

Keep level on 3/5 for two weeks

Look at lower levels

Typical customer is not self-managed

Spikes in timeline could mean bulk sending

Email sources tab

DKIM – Integrity

Sources that are legitimate

Mail forwarders can appear

return path:where do i send the non delivery report to ?

The customer tells you that both of the senders in the above image are legitimate senders. What would happen to the Microsoft sender’s mails if we were to enable full DMARC protection now?

Only those mails that fail all DMARC evaluations will be rejected.

The customer tells you that both of the senders in the above image are legitimate senders. In reference to the image, what additional work is required to be done for the Google environment?

Enable DKIM signing on the Google environment.

The customer tells you that both of the senders in the above image are legitimate senders. In reference to the image, what additional work is required to be done for the Microsoft environment?

Both of the above, if possible.

You’ve fully implemented SPF and DKIM for all known senders, except the two above. The customer knows about Microsoft, and you know you still need to implement DKIM there. However, you notice that The Endurance International Group (despite not appearing in the SPF record, and having no DKIM keys present in the DNS) is passing DMARC. How is that the case?

Forwarded mails will retain DKIM signatures in the headers of the mail, allowing them to retain DMARC passes.

Leave a Reply Cancel reply