Unexpected DMARC Reports Flood emvdmarc[.]com After Domain Acquisition

December 1, 2025

After acquiring emvdmarc[.]com, DMARC reports from 12 unrelated organizations started arriving, highlighting potential misconfigurations or routing issues.

We recently purchased the domain emvdmarc[.]com, and after configuring a catch-all mailbox, we started receiving DMARC aggregate reports for random domains.

Within a few days, we received reports for 12 organizations, and we haven't been able to determine who previously owned emvdmarc[.]com and why email addresses under this domain are still being used as reporting endpoints, because none of the domains whose reports we're receiving list an @emvdmarc[.]com address in their current DMARC policy.

My guess is that some routing rules are still in place, causing certain reporters to forward DMARC XML to @emvdmarc[.]com. But the question is why only a subset of reporters continue sending reports to these addresses.

If anyone can help identify & tag the previous owner or if you can share this post to help surface the right contact, we're happy to facilitate the domain transfer back to the appropriate party.
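
One way to tabulate which reporters are sending aggregate reports for which policy domains, the question raised above. This is an added example, not code from the original post; the reporter and domain names are constructed placeholders, and the element names assume the RFC 7489 aggregate report layout.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

def _report(org, domain, counts):
    """Build a constructed RFC 7489-style aggregate report (sample data only)."""
    rows = "".join(
        f"<record><row><source_ip>192.0.2.1</source_ip><count>{c}</count></row></record>"
        for c in counts)
    return (f"<feedback><report_metadata><org_name>{org}</org_name></report_metadata>"
            f"<policy_published><domain>{domain}</domain><p>reject</p></policy_published>"
            f"{rows}</feedback>")

SAMPLE_REPORTS = [  # constructed inputs, not real reports
    _report("reporter-a.example", "org-one.example", [3]),
    _report("reporter-a.example", "org-two.example", [2, 1]),
    _report("Reporter-B.example", "org-two.example", [5]),
    '<!DOCTYPE x [<!ENTITY a "b">]><feedback/>',  # hostile input, must be rejected
    "not xml at all",
]

def parse_report(xml_text):
    """Return (reporter, policy_domain, message_count) for one aggregate report."""
    # Reports come from untrusted senders: refuse DTDs and entities before parsing.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD not allowed in a DMARC report")
    root = ET.fromstring(xml_text)
    for el in root.iter():  # some reporters add an XML namespace; strip it
        el.tag = el.tag.rsplit("}", 1)[-1]
    if root.tag != "feedback":
        raise ValueError("not a DMARC aggregate report")
    reporter = (root.findtext("report_metadata/org_name") or "unknown").strip().lower()
    domain = (root.findtext("policy_published/domain") or "unknown").strip().lower()
    count = sum(int(c.text) for c in root.iterfind("record/row/count")
                if c.text and c.text.strip().isdigit())
    return reporter, domain, count

def triage(reports):
    """Group message counts by policy domain, then reporter; count rejected inputs."""
    by_domain = defaultdict(lambda: defaultdict(int))
    rejected = 0
    for text in reports:
        try:
            reporter, domain, count = parse_report(text)
        except (ValueError, ET.ParseError):
            rejected += 1
            continue
        by_domain[domain][reporter] += count
    return {d: dict(r) for d, r in by_domain.items()}, rejected

if __name__ == "__main__":
    print(triage(SAMPLE_REPORTS))
```

Real reports usually arrive as gzip or zip attachments, so decompress and decode them before passing the text to `parse_report`.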
