On Thu, Feb 27, 2014 at 11:22 AM, Matt Simerson <[email protected]>wrote:
> > Matt's message, as evaluated by Gmail, failed alignment, and was > consequently marked as spam. > > Thanks to DMARC reports, the sender is quite aware. Of course I'd prefer > that this list didn't invalidate my DKIM signatures. I'd also prefer that > Google's SPF recognized that this list server is SPF permitted for @ > tnpi.net. But that's outside my ability to influence. > Have you reported that to Google? > > $ spfquery --mfrom [email protected] --ip-address=`dig medusa.blackops.org+short` > pass > Received-SPF: pass (tnpi.net: Sender is authorized to use '[email protected]' > in 'mfrom' identity (mechanism 'include:lists._spf.tnpi.net' matched)) > receiver=rmbp.local; identity=mailfrom; envelope-from="[email protected]"; > client-ip=208.69.40.157 > > Until we have a solution that lets DMARC mail securely transit email > lists, our two legged DMARC table will wobble. > > > Two things here: 1) The machine hosting the dmarc.org lists is in a position where upgrading it will take quite a bit of effort, and that's needed before the MLM software can be upgraded to a DMARC-aware version. I'm looking at migrating the lists to a newer machine that will fix this problem. That transition should be invisible when I get it done, but it simply hasn't happened yet. 2) Since the ADSP days, the advice has been to have a separate domain or subdomain for users versus transactional mail; the latter would be DMARC-protected, while the former would not. I understand the inconvenience this causes for the users, but I would also note that some large Internet properties (Facebook, Google, PayPal and Yahoo off the top of my head) have gone this route and they survived somehow. -MSK
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
