A assumed that email sent to G Suites addresses was protected by DMARC. Am I (1) wrong, (2) was this email really sent from someone inside Amazon, or (3) is there some other explanation?
Conversation
This Tweet was deleted by the Tweet author. Learn more
In this case, it's DMARC for amazon.com that matters, since that's the domain that this email is (claiming to be) from.
Right. I just assumed that both Amazon and Google would use demarc religiously. Am I wrong? Is there anything I can do on my end to enable it?
2
As far as I know, they do, and Gmail should be enforcing it. I'm as clueless as you are about whether this is actually a valid email from Amazon. It could also be an email that's actually from Amazon but via a compromised email account. Could check the DKIM signature yourself.
1
Show replies
This Tweet was deleted by the Tweet author. Learn more
DMARC / DKIM / SPF policy for arstechnica.com is for emails sent from arstechnica.com. It's important to set that up even if you don't use a domain for email to prevent other people from using it. The domain that matters here is amazon.com though.
1
Show replies