Quoting Andrew McGlashan ([email protected]): > Yes, but unfortunately it seems that the bad guys do DKIM, DMARC and SPF > better than many "good" guys.
This is nonetheless a win, because if the bad guys are forced to profess their own domains with bad or unestablished/questionable reputations, instead of forging domains such as mine with _good_ reputations, then the remaining problem they pose becomes that much smaller and easier to contain. > That is, the bad guys get it right for their emails and they can still > be very strong candidates for SPAM. Certainly! SPF and its botched rival DKIM/DMARC are not antispam methods; they are anti-forgery methods. > So long as you are careful with whom the rules apply, choosing only > known good domains that send spammy like emails that are not spam, > well that should be good. BTW, I protect my domain's own reputation, and make clear my view about DMARC, thus: :r! dig -t txt linuxmafia.com. +short "v=spf1 ip4:96.95.217.99 -all" :r! dig -t txt _dmarc.linuxmafia.com. +short "DMARC: tragically misdesigned since 2012. Check our SPF RR, instead." Briefly: Not impressed with how the Firm-Formerly-Called-Yahoo-and-Now-Called-Yahoo-Again ineptly caused a forgery and bounces problem for all of the world's mailing lists. If they'd designed DKIM/DMARC competently, that could have been avoided, but they were screw-ups, and, damningly, their _official_ FAQ answer was "Well, yes, DKIM alignment problems are going to break all of the world's mailing lists, but MLM software is just going to have to be reingineered to deal with the problem" (paraphrased). I could say what I think they should do with that, but it would not be family-friendly, and would involve indelicate actions with a #6 rasp. _______________________________________________ luv-main mailing list -- [email protected] To unsubscribe send an email to [email protected]
