Posted on 2020-12-10 on Vaovao OH.MG.

I love receiving DMARC reports, although they pretty much just get sent from Google it's an interesting read to see what's going on.

I recently acquired a new domain which was at some point (and still actually) clearly used for a SPAM campaign, although I had set the root name's DMARC settings to reject (which I always suggest to ruin the days of forgers) I kind of forgot about the subdomain setting. Over a couple days I started to see a lot of crap subdomains coming in with passes, which is rather obnoxious to be honest.

So I modified my DMARC record and waited the statutory 48 hours for the internet to take heed, and sir it was GLORIOUS, all my reports flowing in with REJECT everywhere, I truely fucked up some SPAM merchant's day and burned through their freebie Amazon resources in the processes (because all SPAM comes from AWS now days).

A small victory on one domain, many more to go.