"For example, an e-mail that doesn't validate the SPF and DKIM prerequisites is declared as non-compliant and is then placed in spam or deleted from inboxes."
This is speculation presented as fact. The recipient is free to do whatever they want with the incoming emails. Most hosts just have a report-but-dont-do-anything policy because of how messy and error prone the whole SPF/DKIM thing is.
"DMARC also ensures that e-mails sent from your domain name are authentic, and prevents potentially dangerous or fraudulent e-mails from being sent in your name."
This it doesn't do at all. That's DKIM, which fails in a lot of spectacular ways. Barely forwarding an email can break it or make it pass when it shouldn't.
I understand this is a "we'll watch your dmarc reports for you" vendor and has to exaggerate the usefulness of current practices but they are basically just the best we have and not a solution to end all email delivery issues.
Oh boy, another email server thread. Queue the pitchforks against Google's monopolistic behaviour against even well managed domains.
I did a not-for-public writeup on BIMI recently. It boggles my mind that there are no widely used ID services (that is, avatar management and name consistency), especially for something as fundamental as email.
Turns out, you can absolutely setup a BIMI record without paying the ludicrous $1500 cert fee. Turns out, Yahoo and AOL even show those images to senders (at least when I tested last year).
Turns out, Google marks you as spam on an otherwise passing email setup (full alignment, policy = reject all, etc) when you do that. >:(
Just to confirm my understanding, if I set up a BIMI TXT record with an svg image path, but without a VMC gmail will mark the inbound message as spam even if DMARC is set up correctly? tl;dr, is Gmail requiring VMC's now?
For an article about “mastering email security,” this is missing an awful lot of recent email security developments like ARC, DANE, MTA-STS and TLSRPT while simultaneously spreading misinformation about the holy trinity of email security protocols. Impressive, I guess?
Edit: Oh wow, even from an email security vendor. They really didn't do their research. I definitely wouldn't trust them to protect my email security, partially due to them literally not supporting the necessary protocols to do so.
This is speculation presented as fact. The recipient is free to do whatever they want with the incoming emails. Most hosts just have a report-but-dont-do-anything policy because of how messy and error prone the whole SPF/DKIM thing is.
"DMARC also ensures that e-mails sent from your domain name are authentic, and prevents potentially dangerous or fraudulent e-mails from being sent in your name."
This it doesn't do at all. That's DKIM, which fails in a lot of spectacular ways. Barely forwarding an email can break it or make it pass when it shouldn't.
I understand this is a "we'll watch your dmarc reports for you" vendor and has to exaggerate the usefulness of current practices but they are basically just the best we have and not a solution to end all email delivery issues.