Everyone will have an opinion but the root of the matter is simple: You
do what you have to do to get your email where it needs to go. If you
have options to mitigate the problem, and they don't cause any worse or
equivalent problems, that sounds like a good day to me. I don't know
about you, but my favorite problem is one that I can solve. My least
favorite problem is one someone else has to solve for me.
On 2022-06-30 01:30, Hans-Martin Mosner via mailop wrote:
Am 25.05.22 um 07:59 schrieb Hans-Martin Mosner via mailop:
Please contact me off-list.
Your "rate-limiting" handling of non-SPF mail isn't rate-limiting
but blocking legitimate traffic.
Cheers,
Hans-Martin
So it's been a month since that problem raised its head, and after
several mail exchanges there's not a satisfying solution. Legit
traffic is still blocked with a nonsensical tempfail error message.
Here's the scoop:
Our (not heeg.de's but another domain's) users are individual church
congregations which use Mailman mailing lists for coordination of
working groups, member information, etc. So it's clean opt-in, not
unsolicited bulk e-mail, and of course if there are any complaints
(people change their minds, and human errors happen) we resolve them
with the associated parties quickly. Most of the lists predate the
invention of DMARC by years or decades...
Now Freenet.de started to interpret DMARC strictly and to refuse
acceptance of mails with broken DKIM and SPF with the rather cryptic
error message "458 Ratelimit exceeded". Took me a while and some mail
conversation to figure out what that really means...
Now we could switch on DMARC mitigations in the mailing lists - I've
notified the owners of the affected lists about this, but I'm not yet
convinced that I should toggle this globally without list owner's
agreement. And this change would not help the currently queued mails
of course.
Since freenet.de seems to be the only mail provider that does this
(and does not seem to be open to exempting mailing list servers, as
many others do) I'm trying to get a clearer understanding of whether
it would be reasonable to just bite the bullet to comply with their
extreme interpretation, or to be more adamant in requesting an
exception. Other huge providers seem to be able to handle this without
an issue.
What do you think? As the DMARC designers didn't consider the needs of
mailing lists, who should carry most of the burden in working around
this design failure?
* The sender mail systems publishing DMARC records (over which the
sending users don't have any control)?
* The recipient mail systems interpreting DMARC (over which the
recipients don't have any control)?
* The mailing list operators sitting in the middle who didn't choose
DMARC but are still affected by it?
Cheers,
Hans-Martin
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
