I set SPF, DKIM and DMARC for my email server. I build my own mail server on my personal computer.
Then I disable signing DKIM signature and send an email to Gmail. Gmail shows SPF pass and DMARC pass and tell me it's a normal/good email.
So my question is, can I in some ways change my DMARC value in dns record so as to tell Gmail (others) to reject or quarantine my email if DKIM signature is not provided?
Aagin, I know:
- sender IP doesn't match, SPF failed
- DKIM signature is provided but invalid, DKIM failed
I want:
- DKIM signature is not provided, DKIM failed or DMARC failed. (Anyway, I want the receiver to mark that email is bad/fake/spam one.)
The reason why I want this is because:
If my ISP impersonate me, it can send emails on my behalf. Since it can pass SPF check.
If DKIM signature can be set to a must requirement, then my ISP can't do that, because only I have the private key of DKIM signature. (Assuming the DNS record is not spoofed on the receiver side).