maddy icon indicating copy to clipboard operation
maddy copied to clipboard
verified publisher icon foxcpp

Feature request: Make the DMARC check to be enforced regardless of DMARC record existence

Open chandr1000 opened this issue 1 year ago • 0 comments

I would like to propose a feature request for Maddy: the ability to customize behavior of DMARC checking. Perhaps with this directive example:

check.dmarc {
    none_action ignore | quarantine | reject
}

none_action will override the DMARC check behavior for any sender domain that has no DMARC record, in turn allowing SPF check & DKIM check to verify the incoming email and will do action as configured when neither SPF nor DKIM passed the checks. For now the default value is ignore

This would allow us to follow the best practices of email security and deliverability, as recommended by Gmail, Yahoo Mail and other major mail providers (https://www.valimail.com/blog/the-new-requirements-for-email-delivery-at-gmail/)).

They have recently made DMARC mandatory (starting in April 2024) which helps prevent spoofing and phishing attacks. By allowing users to opt-in to DMARC checks enforcement, we can increase the trust and reputation of our email service, as well as protect our users from malicious emails.

  • [ ] I'm willing to help with the implementation

chandr1000 avatar Mar 06 '24 23:03 chandr1000