Proper Way to Configure a Domain which never sends emails
Karl Lovink
karl at lovink.net
Tue Aug 20 18:25:55 UTC 2019
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The reject will only work when DKIM AND SPF are failing.
So you have to setup SPF too. -all does the magic.
cheers,
Karl
On 20/08/2019 20:12, John Levine wrote:
> In article <mailman.942.1566297977.711.bind-users at lists.isc.org>
> you write:
>> El 20/08/2019 a las 9:28, Marco Davids via bind-users escribió:
>>> A TXT _dmarc.domain.tld "v=DMARC1; p=reject" might also be
>>> useful.
>
>> Wouldn't that imply having DKIM set up for the domain?
>
> No, of course not.
>
> It says that if mail isn't authenticated, reject it. An excellent
> way to be sure you never get DKIM authentication is not to set up
> DKIM in the first place.
>
> _______________________________________________ Please visit
> https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEdAEe0RRL+gREs9oxGJor1wjGePMFAl1cOzMACgkQGJor1wjG
ePP0iwf/WgLuA+W+9mJfy4Z89cG10lfS7ZnNIZlUfjMmQI1jBMFqKhOnLFG08rzX
fpZ8vx8J52ipvprdvTclaNcv3qha0EGfW+FJwO3bQYv2UC1ufkYHY8AGNNkCUU7o
d42iMmwe9K0faZlJFp6uX0zd0jetafbK6CGkc21fcEMdpi4dRjKVq+pummkuJONl
vQaaxuJ7UYSL9IwdALOUifSxc4zjKHQaIeUTXy9j5cW6gJiYcvP9RVVZkv8/2pIZ
mc2acf4F4tc98idkuPr72sH8e/WEaO8EXbxwgpVjYZfYNT/aiPJakLusXlvuvkqz
EmgCfa/F0xvC1fxJeGHIdx8ysMettw==
=I0/a
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list