My client was having many DMARC non-complient forwarding emails from Sakura Internet until Oct 23. After Oct 23 that number become zero. I was happy until I found out it was moved to Threat/Unkown.
Did Dmarcian changed the rule for Sakura Internet on Oct 23?
This is Dmarcian’s reply. I wish they could have told us either before or after they made the change. Othewise I didn’t have to report incorrect data to my customer.
the rule for Sakura did change on the 24th. I updated the source to require aligned DKIM pass for reported traffic from Sakura Internet.
There was just too much garbage showing up without that condition.
If there are any other qualifiers to help identify legitimate forwarding traffic, I’d be happy to add them.
Right now, in order to be “DMARC Capable” from Sakura Internet, the traffic must have a PTR org of sakura.ne.jp, and a) it must pass DMARC on SPF (aligned), OR b) the domain’s MX is sakura.ne.jp, OR c) the domain’s NS is dns.ne.jp
To slot into Forwarding from Sakura, the PTR must be sakura.ne.jp, AND the traffic must pass DMARC-dkim.