> On Aug 14, 2025, at 12:56 PM, Rob McEwen via mailop <mailop@mailop.org> wrote:
>
> Michael,
>
> Not disagreeing with anything you said, but I thought that the context of
> what Mark Stone was talking about - was those situations where an email
> account is set to auto-forward all messages to a 3rd party email account. And
> I thought that my explanation was clearly in that context. So what Mark was
> describing was an auto-forwarding setup for a particular user - where - in
> contrast to a typical such setup - his system then somewhat (or in some way)
> does the forwarding almost as if the user had manually forwarded it - so with
> all new authentication (DKIM, etc). I think that was his point?
>
> But your other points ("a single spam slipping through") - basically agrees
> with my points, too.
>
> As much as I hate such autoforwarding, I have end users who just LOVE their
> gmail accounts, and want to do EVERYTHING from gmail - including receiving
> their business emails there and then sending their business emails from their
> gmail accounts (either with the From address being manipulated into be their
> business domain, or from an actual gmail). When I try to explain how/why this
> is NOT wise (either from a professional standpoint or from a technical
> standpoint) - they just roll their eyes at me, and demand that it be done
> this way.
>
> I try hard to discourage that - and will likely one day ban that practice
> from my mail server.
Rob,
For someone who's been hosting vanity websites for 20+ years, this was my read
on what was meant by "forwarding" as well. My webmail is called "Squirrelmail"
and it works and it's basic, but it's not the Shiny RFC-noncompliant whizbang
thing that is Gmail. It's not "sexy".
I've had the google pop3 thing randomly fail on me, and print just half an
error (https://www.gushi.org/gmailerror.webp). That's what I call a polished
product, right there.
I've filled out all the webmaster things, which never show any volume, but if I
mail a new person at gmail, it's shunted straight to the "spam" folder because
"lots of mail from prime.gushi.org" is spam. (Okay, so...show me it so I can
fix the problem?)
Advice I got *on this list* was that if I'm doing spam filtering for my users
(and forwarding to Gmail), that I should not add subject tags or anything else,
because that breaks DKIM. It also breaks the ability of my users to the
default behavior of spamassassin for the last 15+ years. (Users look at mail
headers and think they're being hacked....they don't get it.)
Microsoft for a while allowed you to pop an external account, but turned it off
for "reasons". The best reason I can think of, is that they didn't want to be
responsible for holding a third party credential (i.e. Bob's work email
password, which might also be his AD login), which is not unreasonable. But
this is just a guess.
I kind of wish that gmail had an interface that said somewhere "My server is a
known forwarder, it will generate a large volume of "forged" mail for a small
number of addresses, but I agree to arc-seal it all, please let it pass". (As
of now, gmail does recommend that you arc-seal forwarded mail, maybe that means
something?)
-Dan
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
