[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-list
Subject:    Re: DMARC and SPF and DKIM, oh, my!
From:       Tim via users <users () lists ! fedoraproject ! org>
Date:       2023-05-10 7:51:39
Message-ID: 4a5ab65e7ae54d6b84c8056ea110121236a276c8.camel () yahoo ! com ! au
[Download RAW message or body]

On Tue, 2023-05-09 at 22:37 -0500, Thomas Cameron via users wrote:
> I've tested my DMARC, DKIM, and SPF records against multiple test sites, 
> and it's set up correctly. I've sent email from my server to GMail, read 
> the headers, and all tests pass.
> 
> The problem is, as far as I can tell, EVERY server that sends mail to 
> mailing lists causes me to get a barrage of warnings from receivers' 
> email servers saying that, since the email came from the list server, 
> the message failed because it's not from MY email server. It's maddening.

I would have thought there'd be warnings that other people's emails
didn't come from the author's mail servers, not *yours*.

> What do folks who manage email servers do about this? I'm seriously 
> starting to think that using these tools introduce darned near as many 
> problems as they "solve."

List serving is now in an impossible situation, unless they change the
way they operate.  According to DMARC, DKIM, SPF, etcetera, only
authorised mail servers can send mail from someone (and this is usually
a good idea).  But list servers work by (re)sending mail from someone
else.  About the only way to abide by those rules is to send the mail
from the list server address, removing the author's from address.

I wouldn't have a problem with that, well not on any of the lists I am
on (where all mail, including replies, is expected to go through the
list server).  There is no need for any private replies, and it's quite
often a bad idea.  It reduces the usefulness of the list, and people
send unsupervised hostile emails.

The list could put the author's address in somewhere else, either
create a new header (e.g. Originally-From), or simply put that into the
footer for the email.  I don't see the need for it, though.  People who
didn't mind their email address being publicly known can simply sign
off their messages with their name and address.  One of the many
advantages of usenet (over mailing lists) was that you didn't have to
expose your email address to all and sundry to be able to participate.

The list server should, of course, be taking anti-spam efforts of its
own (only allowed authorised members to post through it).

The alternative of everyone who posts to a list having to program their
mail server to say the list is an authorised poster of their email is
an impossible ask.  Most posters don't post through their own mail
server, they use one they have no control over (their ISP, Gmail, etc).
And quite frankly, it'd be a stupid risk to authorise anything else to
post from your address.

Mail servers could be made so that well-known list servers are granted
some kind of exemption of this verification process, but what about the
thousand other mail servers that aren't well known?  And it'd be
creating near monopolies.
 
-- 
 
uname -rsvp
Linux 3.10.0-1160.88.1.el7.x86_64 #1 SMP Tue Mar 7 15:41:52 UTC 2023 x86_64
 
Boilerplate:  All unexpected mail to my mailbox is automatically deleted.
I will only get to see the messages that are posted to the mailing list.
 
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[prev in list] [next in list] [prev in thread] [next in thread]