* Washington Odhiambo via mailop <[email protected]>: > > What comes to mind? > > > > gmail (and exchange online) enforce a "no auth, no entry" policy that > > rejects > > messages from a sender if that sender doesn't implement email > > authentication > > (SPF, DKIM, DMARC) *and* sends more than 5k messages /day. > > > > But you seem to have done your homework: > > > > % dig +short TXT lists.kictanet.or.ke > > "v=spf1 a:eu.kictanet.or.ke mx:eu.kictanet.or.ke ip4:62.169.28.150 -all" > > > > # NOTE and Off-Topic: a:eu.kictanet.or.ke and mx:eu.kictanet.or.ke repeat > > your > > # final ip4:62.169.28.150 statement. Unless you really need them for other > > # purposes I'd get rid of a:eu.kictanet.or.ke and mx:eu.kictanet.or.ke and > > # leave only ip4:62.169.28.150. Having the DNS names in there causes extra > > DNS > > # lookups. > > > > % dig +short TXT _dmarc.lists.kictanet.or.ke > > "v=DMARC1;p=reject;sp=none;pct=100;rua=mailto:[email protected] > > ;ruf=mailto:[email protected];ri=86400;fo=1;"; > > > > # NOTE: If I am correct, then the last semikolon is not required and you > > can > > # end "... fo=1". IIRC pct=100 has been deprecated and - at least in EU - > > # asking for ruf-reports is privacy-invasive and forbidden. > > > > I will make those DNS changes you've suggested, although I think they are > cosmetic, right?
ACK. I consider them cosmetic and the trailing semicolon should not make a DMARC verifier fail. > > What else? > > > > DKIM signing errors? Do you DKIM sign messages? Do the lists behave > > DMARC-compliant, i.e. do not break existing DKIM signatures, do not modify > > Subject:-Header and the message body? > > > > All list posts are DKIM signed. > Mailman3 does DMARC mitigation unconditionally. > Nothing get's modified that is unbecoming. > > > Also, if that listserver sends mail out periodically only it will loose it's > > (good) reputation and the IP will have to build up a good reputation again. > > During that time messages from the server are subject to strict rate > > limits. > > > > The ML is relatively active. And even when not, I do send two automated > emails to the list - on 15th of every month and at the end of every month. Hmmm… that does it for my list of typical issues running a MLM in times of email authentication. Unless somebody else sees other issues I'd try to get a hold on someone @gmail - yeah! I know. There are less frustrating tasks on this planet - and ask them to tell you what their platform says the MLM is doing wrong. Anything else will likely send you down the alley of speculation… :-| Best, p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
