Am 25.05.22 um 07:59 schrieb Hans-Martin Mosner via mailop:
Please contact me off-list.
Your "rate-limiting" handling of non-SPF mail isn't rate-limiting but blocking
legitimate traffic.
Cheers,
Hans-Martin
So it's been a month since that problem raised its head, and after several mail exchanges there's not a satisfying
solution. Legit traffic is still blocked with a nonsensical tempfail error message.
Here's the scoop:
Our (not heeg.de's but another domain's) users are individual church congregations which use Mailman mailing lists for
coordination of working groups, member information, etc. So it's clean opt-in, not unsolicited bulk e-mail, and of
course if there are any complaints (people change their minds, and human errors happen) we resolve them with the
associated parties quickly. Most of the lists predate the invention of DMARC by years or decades...
Now Freenet.de started to interpret DMARC strictly and to refuse acceptance of mails with broken DKIM and SPF with the
rather cryptic error message "458 Ratelimit exceeded". Took me a while and some mail conversation to figure out what
that really means...
Now we could switch on DMARC mitigations in the mailing lists - I've notified the owners of the affected lists about
this, but I'm not yet convinced that I should toggle this globally without list owner's agreement. And this change would
not help the currently queued mails of course.
Since freenet.de seems to be the only mail provider that does this (and does not seem to be open to exempting mailing
list servers, as many others do) I'm trying to get a clearer understanding of whether it would be reasonable to just
bite the bullet to comply with their extreme interpretation, or to be more adamant in requesting an exception. Other
huge providers seem to be able to handle this without an issue.
What do you think? As the DMARC designers didn't consider the needs of mailing lists, who should carry most of the
burden in working around this design failure?
* The sender mail systems publishing DMARC records (over which the sending
users don't have any control)?
* The recipient mail systems interpreting DMARC (over which the recipients
don't have any control)?
* The mailing list operators sitting in the middle who didn't choose DMARC but
are still affected by it?
Cheers,
Hans-Martin
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
