Apr 27 2024 02:31 AM
I found out that Microsoft do not fully follow RFC7489 in scope of Verifying External Destinations, when domain creates DMARC record with rua or ruf that belongs to external domain it doesn't verify that permission record exist in external domain to receive DMARC reports for domain. For example:
_dmarc.example.com IN TXT v=DMARC1; p=none; rua= mailto:email address removed for privacy reasons
should be only take to account if example.net would contain record:
example.com._report._dmarc.example.org IN TXT v=DMARC1
but Microsoft when sends DMARC reports send them even where was no such record, generated unwanted and not requested traffic to example.net
Apr 28 2024 06:12 AM
Hi @dragoangel
I've been working with DMARC quite a while and never heard of that Record.
But you're right that's whats in the RFC and my DMARC Providers have that Record set up.
I suggest you to open a Ticket at Microsoft and tell them.
Kind Regards
Andres