On Wed, Feb 15, 2023 at 05:19:07PM +0100, Gert Doering wrote: > SPF itself is not the problem (that only checks envelope-from, which > the list does change), but DMARC with p=reject is.
Correct! > Not sure if the list actually can do the "do the From: rewrite for > DMARC p=reject enabled senders" dance. I know mailman can, but it's > not a mailman list. > > Always rewriting From: is the worst of all solutions. I have configured it for a few years now on many lists (with Mailman) and it works quite well. Intelligent MUA will even differenciate from replying to the list, or to the user (via Reply-To:). Now, if you can't, well, you can't, and I will get reports like this everytime I post, which is not problematic: Sender Domain: alphanet.ch Sender IP Address: 216.105.38.7 Received date: Wed, 15 Feb 2023 17:13:10 +0100 SPF Alignment: no DKIM Alignment: no DMARC Results: None, Accept As you can see, in my case it's not that problematic (it might be if the remote server uses disalignement to add "spam points"). In that specific case they seem to use spamassassin and the disalignement has no impact, according to the spamassassin headers. I only currently configure reject for the domains I no longer use that are used to send out spam, namely some alphanet.ch subdomains: schaefer@reliand:~$ host -t txt _dmarc.vulcan.alphanet.ch _dmarc.vulcan.alphanet.ch is an alias for _dmarc.obsolete.alphanet.ch. _dmarc.obsolete.alphanet.ch descriptive text "v=DMARC1; p=reject" The only reason I publish a DMARC policy on my main domain (of p=none) is it made my mail more easily acceptable to gmail for some magical reason. Some day, I might switch to reject policy.
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
