Ah that is quite a good test. I tried with:
v=DMARC1;p=quarantine;rua=mailto:postmaster@example.com;ruf=mailto:hostmaster@example.com
Seems it failed on two tests:
BEC fake insider protection - Vunerable:
:Failed :system did not protect against BEC & reply-chain, fake insider attacksThis vulnerability allows attackers to impersonate ANYONE FROM YOUR COMPANY. This is a highly attacked vulnerability.
For me this one is unlikely to make too much of a difference as I’m the only user of the domain.
Domain attack protection - Vulnerable:
:Failed :Domain attacks deliveredThis should never get into your inbox. This vulnerability allows attackers to impersonate any email-restricted domain and is commonly used to trick users into clicking ransomware and malware.
It did however pass on all other tests with A.
- Deliverability test - Validated: Grade: A
- Fake subdomain protection - Enforced: Grade: A
- Look-a-like protection - Enforced: Grade: A
- Subdomain attack protection - Enforced: Grade: A
I wonder how other providers we recommend compare.