All the big email require proper SPF, DMARC and DKIM in most cases. See, for
example, Email Authentication Changes: What Microsoft and Google Are Enforcing
(and What It Means for You) - Baskerville Drummond Consulting
LLP<https://baskervilledrummond.com/email_authentication_changes_what_microsoft_and_google_are_enforcing/>
SPF is trivial to set up. Some will argue with me, but DMARC and DKIM are a
pain to set up. However, they (combined with SPF) are our best hope for
reducing forged email.
Kenneth
From: Stuart D Gathman <stu...@gathman.org>
Sent: Thursday, July 31, 2025 7:11 AM
To: Peter N. M. Hansteen <pe...@bsdly.net>
Cc: misc@opensmtpd.org
Subject: Re: [vaguely OT] Looking for verified war stories of BIG MAIL
disappearing valid mail
On Thu, 31 Jul 2025, Peter N. M. Hansteen wrote: > This message is the start of
an effort to research just how the BIG MAIL > operators treat SMTP mail from
small outfits like nxdomain. no and friends. Related problem - 90% of the spam
ZjQcmQRYFpfptBannerStart
This Message Is From an Untrusted Sender
You have not previously corresponded with this sender.
Report Suspicious
<https://us-phishalarm-ewt.proofpoint.com/EWT/v1/KGOTntw!SYrP0N8Vo9FRT1R1MHSlfUPCUBakO1-HIDTCC5cqHkiJhp-JceSXKkU-_1gJMTaK1oYi3C5EBOgod5d2EiO8yjxEXt2ldumdkkDf$>
ZjQcmQRYFpfptBannerEnd
On Thu, 31 Jul 2025, Peter N. M. Hansteen wrote:
> This message is the start of an effort to research just how the BIG MAIL
> operators treat SMTP mail from small outfits like nxdomain.no and friends.
Related problem - 90% of the spam on my email server is from gmail.
I need to make them whitelist only. But need a system where senders
get a response telling them how to request whitelisting.
These complementary problems are both the result of massive
centralization. My "baby-step" advice to non-tech email users: "get
your own domain". Even if you continue to use gmail or a smaller
provider (registrars generally offer reasonable personal email),
having your own domain means you can switch providers - letting
capitalism do its thing. There is no such thing as "free" email.
You are paying for it one way or another.
> We have seen GOOG and to a lesser extent MSFT, YHOO mail exchangers seem to
> accept messages from our domains for delivery, only to have them not turn
> up in the intended inboxes after all or at best land in the users spam
> folders.
>
> I am pondering starting a campaign to collect war stories with as much log
> data
> and other relevant data as possible in order to write an article which may
> evolve to something else.
Microsoft often disappears emails from me to hotmail. What kind of
documentation do you need?
