Yeah, I agree on the split domain, we’ve had enough trouble with customers getting fooled with off domains. IE F1SERV.COM <http://f1serv.com/> instead of fiserv.com <http://fiserv.com/>, et al… There’s enough there in the font specification that I know most coders still trying to find their own font of choice.
PS. I use Bespin coloring, and Dejavu font. https://www.fontsquirrel.com/fonts/dejavu-sans-mono <https://www.fontsquirrel.com/fonts/dejavu-sans-mono> https://wiki.mozilla.org/Labs/Bespin/UserGuide <https://wiki.mozilla.org/Labs/Bespin/UserGuide> Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 > On Jun 4, 2020, at 6:36 PM, Brandon Long via mailop <mailop@mailop.org> wrote: > > > > On Thu, Jun 4, 2020 at 8:28 AM Ralph Seichter via mailop <mailop@mailop.org > <mailto:mailop@mailop.org>> wrote: > * John Levine via mailop: > > > Mailing lists have only been adding subject tags since the 1980s. > > I do not wish to delve into whether these tags are useful or not, but > rewriting subjects or bodies invalidate existing DKIM signatures. > > I recommend using separate domains, or subdomains, for regular business > and for mailing lists, combined with separate DMARC policies, e.g. > 'quarantine' for example.org <http://example.org/> and 'none' for > mlists.example.org <http://mlists.example.org/>. > > Why? > > For one, I'm not sure what you're recommending, either: > 1) Host mailing lists on a separate domain > 2) Send mail to mailing lists on a separate domain > > If you're recommending #1, sure, there are benefits to that, though it's > clearly not strictly necessary. Having a different DMARC policy > for the mailing list domain isn't that useful since the mailing list sends > very few messages "from" the mailing list (slightly more in the case of > 5322.From header rewriting, of course). It's also usually a fairly > controlled domain only used for the mailing list software, so making sure the > SPF and DKIM are correct is pretty trivial, so the looser DMARC setting > doesn't seem to make much sense. > > If you're talking about #2, I probably wouldn't recommend that breakdown, but > I do know folks who have split domains for the "product" and the employees, > ie yahoo.com <http://yahoo.com/> vs yahoo-corp.com <http://yahoo-corp.com/>, > foo.net <http://foo.net/> vs foo.com <http://foo.com/>, etc. We played with > that a bit when we were first rolling out DMARC predecessor, adding a > googlers.com <http://googlers.com/> domain. Ultimately, we decided that > leaving a domain open that can be spoofed defeats the purpose of DMARC. I > mean, it also points to the ultimate problem with DMARC, which is people fall > for phishing even from non-exact or even completely wrong domains, so all of > this is just about moving the needle and not SOLVING THE PROBLEM ONCE AND FOR > ALL, so everything is a continuum and everyone needs to understand and make > the right choices for them. > > Brandon > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
