[dns-operations] Microsoft

Vernon Schryver vjs at rhyolite.com
Sun Sep 29 09:19:23 UTC 2013

> From: Jim Popovitch <jimpop at gmail.com>

> > Ha!  I removed one ~6 months ago.... and since then I've been 550
> > rejecting the reports... yet they still come in.
> Oh wow.  It was more than 9 months ago (_dmarc.spammers.dontlike.us
> was removed on 15-Jan-2013).

I saw something similar from Microsoft while playing with DMARC.
Microsoft never forgot _dmarc records I simply deleted.  However,
publishing records with reporting or checking explicitly turned off
were eventually effective.  I think it might have taken a week for the
reports to stop.

This might sound like a bug or problem with DMARC at Microsoft, but
it might be a feature implied by the same design requirements the cause
DMARC to apply SPF DNS records more broadly than RFC 4408 allows.  For
example contributions to this mailing list from domains using DMARC+SPF
with rejection will not be seen at free Google or Microsoft mailboxes,
because the SMTP envelope Mail_From value will not be in even "relaxed
alignment" with the From: field in the forwarded contributions.  It
might even be a feature instead of a bug that according to my tests,
if you configure Microsoft mailbox to foward to Gmail mailbox or vice
versa, the forwarded mail will not be delivered.

Contrary to what one might guess from
https://en.wikipedia.org/wiki/DMARC and http://www.dmarc.org/overview.html
DMARC seems intended to improve communications between large scale
mailbox providers such as Microsoft and Google and bulk mail senders.
DMARC tells bulk mail advertisers such as American Greetings and
Linkedin about "inbox placement."  It tells bulk mail senders might
prefer their bulk mail not be forwared such as Fidelity Investments
and JPMorganChase.

Vernon Schryver    vjs at rhyolite.com

More information about the dns-operations mailing list