Hacker News new | past | comments | ask | show | jobs | submit login

This is fantastic! I've always wanted to get a more in-depth understanding of how these protocols are used in the real world, and this was a great format to explore that.



Well, a real-world understanding of these protocols would include the knowledge that of the three, DMARC is the least important. Most people do not really need to know about it. If you send valuable transactional emails and you need to prevent or at least reduce the ability of third parties to impersonate you, then you might want DMARC.


Thanks. Given that it's just another TXT record, I would assume it's just a part of setting up a email domain, especially since one has to create DNS records for SPF and DKIM anyway?


That's interesting. The current top comment implies that spam filters weigh DMARC so heavily that it's essential to reliable email.


That doesn't make a ton of sense, since the point of DMARC is to stop messages from being delivered.

Certainly if you have a DMARC policy of p=reject and then you screw up your outbound, then your DMARC policy becomes relevant, but not in a good way. I don't see the harm in not having one.


> I don't see the harm in not having one.

Email providers such as outlook and gmail think otherwise. Your emails will not be reliably delivered to them because you are missing a restrictive DMARC policy. Emails send without a DMARC policy are less trusted by default and more likely tagged as spam.


That doesn’t sound right to me. Gmail itself lacks a restrictive DMARC policy. They use p=none.


people cannot send spoofed emails with my domain. I'm just an enthusiastic running his mail server so no big gain. But I can see why $BIG_BANK would like to prevent people to be able send fishing email from accounts@$BIG_BANK.com from random computers on the internet...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: