Forum Discussion
RFC7489 7.1 DMARC Verifying External Destinations
I found out that Microsoft do not fully follow RFC7489 in scope of Verifying External Destinations, when domain creates DMARC record with rua or ruf that belongs to external domain it doesn't verify that permission record exist in external domain to receive DMARC reports for domain. For example:
_dmarc.example.com IN TXT v=DMARC1; p=none; rua= mailto:email address removed for privacy reasons
should be only take to account if example.net would contain record:
example.com._report._dmarc.example.org IN TXT v=DMARC1
but Microsoft when sends DMARC reports send them even where was no such record, generated unwanted and not requested traffic to example.net
Hi dragoangel
I've been working with DMARC quite a while and never heard of that Record.
But you're right that's whats in the RFC and my DMARC Providers have that Record set up.
I suggest you to open a Ticket at Microsoft and tell them.
Kind Regards
Andres
Andres-Bohren to open ticket I need to be their customer which is not the case
