Am Thu, 08 Feb 2024 10:20:50 -0800 schrieb "Randolf Richardson, Postmaster via mailop" <[email protected]>:
> > Am 08.02.2024 schrieb Cyril - ImprovMX via mailop > > <[email protected]>: > > > But forwarding an email from a domain that have DMARC enabled > > > (with a policy different than "none") could still work if the > > > sender signed their email with DKIM. Isn't it correct? > > > > That is true. But not all domains have DKIM. > > Spammers forging eMail accounts is the primary reason SPF and > DKIM are so prevalent these days. Could be combated by consequently using S/MIME. > I believe the day will come when it will be pointless to send > eMail from a domain that doesn't have a properly-configured SPF > record and all of its outbound mail signed with DKIM. It is already there in some cases. > All this extra work is thanks to spammers -- they deserve > zero compassion for their theft-of-service, their fraudulent > activities, and the forgeries they actively engage in. They should > all be permanently banished from the internet, and put through the > courts of law for any criminal acts they willingly participated in. Use a dnsbl that lists those spammers and their spam-friendly ISPs, e.g. uceprotect with all levels. If non-spammers now cancel their contract there, those companies can be blocked for mail without hitting ham mails. > > > The only case where email forwarding is in trouble is for senders > > > enabling DMARC without sending DKIM-signed emails. > > > > It makes much more trouble. > > If MAIL FROM: isn't being changed, a bounce (for whatever reason) > > goes to the original sender and confuses people and systems (some > > unsubscribe if a hard bounce is received). > > > > Spam that isn't being detected by your own systems is being > > forwarded to foreign mail providers and they may list you on a > > dnsbl. > > That is a problem, and many users choose to forward their > publicly-published eMail accounts that spammers know about (e.g., > from scraping web sites, sharing lists, etc.), or rely on filters to > forward spam, to free webmail provider accounts because they regard > such free accounts as throw-away accounts that help them avoid > clogging up their main accounts. > > Of course, this doesn't help legitimate providers maintain a > good reputation because, to the free webmail provider, they look like > a source of spam (as you noted). It gets worse because the user > periodically logs in to delete all the spam (after checking for any > legitimate mail that might have come through, presumeably), so the > pattern that the webmail provider sees is a user who keeps deleting > nearly every message they receive ... which, to them, likely looks > like a user receiving too much spam and just deleting nearly all of > it every time they log in. I don't know who invented that mechanism, but it is really bad when using mailing lists. I delete entire threads that I am not interested in without reading (subject is enough). I also delete read threads with no reply in some cases. > Some universities don't even provide a forwarding option for > the eMail accounts they set up for their students, and this trend > will probably continue to grow for the very reasons you laid out. We need to be able to forward them within the site because we have many mail systems around (some operated by institutes) and those users have a general mail address and want to forward that to the inbox inside. _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
