On Sun, 2022-07-17 at 10:02 +0200, Mattia Rizzolo wrote: > At this point, what about SPF? Ignoring potential whitelists on mail > receivers, I think using this service doesn't provide extra > advantages than signing on our own servers.
Why SPF? It doesn't provide any extra advantages over DKIM. Having a Debian mail relay provies an advantage though: people do not have to setup their own server with DKIM (or hack something in their mail program to sign). > Since there is now this system in place, I think it's fair that after > a transition period we kind of force DDs to relay their email through > Debian infrastracture to properly authenticate outgoing emails. Why? If you want to work on improving mail infrastructure: bugs.d.o breaks DKIM signatures ([1] is one of the reasons, but there are likely more problems) and lists.d.o does so sometimes as well (but less often). Both could be changed to rewrite the "From" to something like "Debian Bug Tracker <...@bugs.d.o>" or "Debian Devel Mailinglist <debian-devel@l.d.o>" to prevent this. Ansgar [1] https://bugs.debian.org/941195