サイトマップ | 連絡先 | IAjapan TOP
IAjapan 財団法人インターネット協会
有害情報対策ポータルサイト 迷惑メール対策編
  • 一般利用者の皆様へ
  • メール管理者の皆様へ
  • 関連情報
  • サイト紹介


from this practice introduces inconsistency among DMARC operators in
terms of handling of the message. However, such deviation is not

To enable Domain Owners to receive DMARC feedback without impacting
existing mail processing, discovered policies of “p=none” SHOULD NOT
modify existing mail disposition processing.


既存のメール処理に影響を及ぼすことなくドメイン所有者がDMARCフィードバックを受信できるようにするために、「p=none」で検索されるポリシーを使って既存のメール処理を変更すべきではない(SHOULD NOT)。

Mail Receivers SHOULD also implement reporting instructions of DMARC,
even in the absence of a request for DKIM reporting [AFRF-DKIM] or
SPF reporting [AFRF-SPF]. Furthermore, the presence of such requests
SHOULD NOT affect DMARC reporting.

メール受信者は、DKIM報告[AFRF-DKIM]またはSPF報告[AFRF-SPF]の要求がなくても、DMARC報告の命令を実行するべきである(SHOULD)。また、DKIMやSPFの報告要求があったとしても、DMARC報告に影響を及ぼすべきではない(SHOULD NOT)。

7. DMARC Feedback

Providing Domain Owners with visibility into how Mail Receivers
implement and enforce the DMARC mechanism in the form of feedback is
critical to establishing and maintaining accurate authentication
deployments. When Domain Owners can see what effect their policies
and practices are having, they are better willing and able to use
quarantine and reject policies.

7. DMARCフィードバック


7.1. Verifying External Destinations

It is possible to specify destinations for the different reports that
are outside the authority of the Domain Owner making the request.
This allows domains that do not operate mail servers to request
reports and have them go someplace that is able to receive and
process them.

7.1. 外部送信先の検証


Without checks, this would allow a bad actor to publish a DMARC
policy record that requests that reports be sent to a victim address,
and then send a large volume of mail that will fail both DKIM and SPF
checks to a wide variety of destinations; the victim will in turn be
flooded with unwanted reports. Therefore, a verification mechanism
is included.


When a Mail Receiver discovers a DMARC policy in the DNS, and the
Organizational Domain at which that record was discovered is not
identical to the Organizational Domain of the host part of the
authority component of a [URI] specified in the “rua” or “ruf” tag,
the following verification steps are to be taken:


1. Extract the host portion of the authority component of the URI.
Call this the “destination host”, as it refers to a Report

2. Prepend the string “_report._dmarc”.

1. URIの権限コンポーネントのホスト部分を抽出する。

2. 文字列「_report._dmarc」を先頭に追加する。

[Page 28]

1  2  3  5  7  12  15  16  28  39  42  46  49  52  56  60  73

リンク・転載・引用・ロゴ使用について | プライバシーポリシー | IAjapanについて | 連絡先