Do you put your own email in your client's DMARC records for the rua & ruf reports?

HCHTech

HCHTech

Well-Known Member
Reaction score
3,835
Location
Pittsburgh, PA - USA
I've always shied away from this, instead sending them to the client with instructions for them to forward back to me for analysis, particularly when it is a new setup and we're still in the "p=none" phase to gauge the impact of DMARC checking. But, if I'm the only tech provider for a client, and they are going to call me anyway when they get the reports, then why not cut out the middle man and just have the reports sent to me? I could certainly create an email address 'dmarc@mydomain.com' for this purpose...

I guess this is really a choice of whether any particular action ties the client to me or not. I tend to favor the "not" route for most things. I know there are third-part DMARC analyzer services, but I'm also extremely wary to sign my clients (or me!) up for yet another subscription service.
 
That doesn't work. You have to use an email associated with the domain. So I create a free shared folder at dmarc@clientdomainname.com and then forward the emails to my support email address. I don't really find the info of much value honestly. You get a clue whether they are being spoofed or not but there is not much you can do about that other than the proper setup. It is up to the recipient of any email to check your DMARC record and validate if it is legitimate or not.
 
HCHTech said:
That's what I've found as well - mostly, it's just an answer to the "Did I do it right?" question.
Click to expand...
It's only of use if the client is reporting lots of spoofing emails are bypassing the recipient's spam filters. These would show as passing on reports and obviously should not be.
 
You must log in or register to reply here.
Back
Top