Deployment

Too many DNS lookups?

People sometimes run into the "too many DNS lookups" error when rolling out SPF (Sender Policy Framework). It doesn't help that there is a lot of bad guidance on the Internet. This article describes how to fix this issue. (more…)
dmarcian
4 August 2016
Deployment

SMTP Relay for Third Party Sender DMARC Compliance

How can you eventually move to a p=reject policy when third parties are unable to send email properly on your behalf? In many cases, a DMARC compliant SMTP relay server can be used to do the trick. In this article, we’ll explore some of the facets of sending DMARC compliant email from third parties, what to look for, and how common hosted solutions such as Google Apps, Office 365, Amazon Simple Email Service (SES), can be leveraged as SMTP relays.…
dmarcian
19 January 2016

SOBOO: Delegation with CNAMEs

Sending On Behalf Of Others: Sub-Domain Delegation With CNAMEs This article expands on the "CNAMEs" approach described in the larger How to send DMARC-compliant email on behalf of others article.  An assumption is that the reader is sending email on behalf of others, and desires to send such email in a manner compliant with DMARC. (more…)
dmarcian
4 January 2016

SOBOO: Full sub-domain delegation

Sending On Behalf Of Others: Full Sub-Domain Delegation This article expands on the "full delegation" approach described in the larger How to send DMARC-compliant email on behalf of others article.  An assumption is that the reader is sending email on behalf of others, and desires to send such email in a manner compliant with DMARC. (more…)
dmarcian
4 January 2016

How to send DMARC compliant email on behalf of others

Sending other people's email in a DMARC compliant manner can be accomplished in a number of different ways. This article is intended for Email Service Providers (ESPs) and any business that sends email using their own customer's domains (examples: CRMs, talent management companies, billing systems, etc). (more…)
dmarcian
9 December 2015

Where are the Forensic/Failure reports?

People often configure their DMARC records and use the "RUF" tag to ask for Forensic/Failure reports.  However, they're often slow to arrive.  If you just added the RUF tag to your DMARC record, be aware that it might take up to 24 hours for your change to be picked up by the larger Internet.  If you're still not seeing Forensic reports, there are a few other things to note. There are 3 primary reasons why report generators do not send…
dmarcian
8 December 2015