arcanicanis on Nostr: One thing I don't understand with DMARC reports: how do you even know which sending ...
One thing I don't understand with DMARC reports: how do you even know which sending user is authoritative for a domain? Is the trust model just TOFU (within the same domain)? The DMARC TXT record just designates where to send reports to, but not which account reports should originate from for a domain.
Published at
2024-10-24 15:43:25Event JSON
{
"id": "e27e399482592ed9c234dc99ef60fcbff3490112f8b766cf3af8ac5bc7396e05",
"pubkey": "0ed7afc8b04a4ef5d52c14fd46c65e452d62ca50a47d6cf5287ed2825a6d26f7",
"created_at": 1729784605,
"kind": 1,
"tags": [
[
"proxy",
"https://were.social/objects/9d384f19-965b-4e51-aa22-d76bdac2d351",
"activitypub"
]
],
"content": "One thing I don't understand with DMARC reports: how do you even know which sending user is authoritative for a domain? Is the trust model just TOFU (within the same domain)? The DMARC TXT record just designates where to send reports to, but not which account reports should originate from for a domain.",
"sig": "7d0ba3108d92f9c01e13b2fbcc3fbaf0d04221d3318d6f804f716cb44c904e25325b446a96e2ce91c3e09c6e492eee128265a00bb700dd157b485b70bf46e55e"
}
