Hacker News new | past | comments | ask | show | jobs | submit login

Because it’s a bunch of hot air with very, very little substance.

We run all deployments with p=reject and security policy set to standard, and rarely get anything outside of valid 3rd parties like gmail being compromised through the filter.

We spend more time unblocked vendors and providers in office 365 than blocking and protecting.

To say it’s unsafe or putting anyone at risk is a complete joke.




Not in the slightest and it's outlined in detail.

Initial deployment and long term maintenance of DMARC is made harder, while messages that should never be delivered at all due to the work of other 3rd parties are allowed through. The specification ironed out all of the reasons for these procedures when it was originated. There's nothing about Office 365 that should make it a special exception to the specification.

It's everybody else's reject policies not being enforced that are the problem, not your own.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: