Skip to main content

Email

Email should be treated as a system for collecting new inputs rather than a personal knowledge system, a Zettelkasten, or other knowledgebase.

This can be used in conjunction with Inbox Zero.

DKIMโ€‹

DMARCโ€‹

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance1. Itโ€™s used to collect usage and abuse reports for domains that send email.

Reports from DMARC come in two different formats:

  1. Aggregate reports. This is a roll-up of statistics for emails received by an email server. This is the most common form of report to receive.
  2. Forensic reports. Most big email providers such as Google and Microsoft do not send these.

Implementing DMARC For Your Domainโ€‹

Setting up DMARC for your own domain is relatively simple, done via DNS records. The _dmarc. prefix is used on the domain thatโ€™s sending emails. For example.com, a TXT DNS record of _dmarc.example.com needs to be published, such as the following:

v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:[email protected];

Parameters are as follows:

  • v: Version. Always set to DMARC1
  • p: Domain Policy. See below for policy definitions.
  • sp: Subdomain Policy. See below for policy definitions.
  • pct: Apply these policies to this percent of bad emails (0-100 scale). Defaults to 100%.
  • rua: Email address to send the aggregate reports to. Must begin with mailto: to be valid
  • ruf: Email address to send the forensic reports to

Policies are one of the following

  • none: treat invalid email as if it was legitimate. Still accept the email.
  • quarantine: accept the incoming email, but put it in a Spam or Junk folder
  • reject: do not accept the incoming email

Reading Aggregate Reportsโ€‹

Since aggregate reports are typically sent as gzipped XML files, these arenโ€™t easily readable by a human. There are tools that can be used to read aggregate reports:

SPFโ€‹

Referencesโ€‹

Footnotesโ€‹

  1. DMARC, Wikipedia โ†ฉ