Addition for DMARC DNS record about adkim and aspf fields.
This commit is contained in:
parent
a0263bf74a
commit
f70f883943
@ -474,10 +474,10 @@ block article
|
||||
h4#art-8-4 #[a(href='#art-8-4') 8.4. DMARC]
|
||||
p DMARC stands for Domain-based Message Authentication Reporting and Conformance. And its DNS record could be like this one that I use:
|
||||
pre
|
||||
| _dmarc IN TXT "v=DMARC1; p=reject; rua=mailto:admin@example.org; ruf=mailto:admin@example.org"
|
||||
| _dmarc IN TXT "v=DMARC1; p=reject; rua=mailto:admin@example.org; ruf=mailto:admin@example.org; adkim=s; aspf=s"
|
||||
p #[code v] is a version of a protocol.
|
||||
p #[code p] is a default policy that could be set to #[code none], #[code quarantine] and #[code reject]. I chose to #[code reject] mail that comes from «me” if there's something wrong with a origin of a message. If you could get email from subdomains then you need to set #[code sp] as well.
|
||||
p #[code rua] is an address for the reports and #[code ruf] is for the forensic reports.
|
||||
p #[code rua] is an address for the reports and #[code ruf] is for the forensic reports. #[code aspf] verifies that an address in the MAIL FROM command and #[code From:] header matches example.org in strict (s) mode, and in relaxed (default, r) mode matches domain or its subdomains. For #[code adkim] is the same except in this case sender domain name should match a domain in #[code d=domain] in a #[code DKIM-Signature] header.
|
||||
|
||||
h4#art-8-5 #[a(href='#art-8-5') 8.5. DKIM]
|
||||
p In 5.2 we generated a key pair for our domain and now we'll take what's inside a #[code myselector.txt] file and add it to our DNS.
|
||||
|
Loading…
Reference in New Issue
Block a user