Over the last few days I've gotten a number of bounces like this, all from
AOL:
Return-Path:
Received: from imb-d04.mx.aol.com (imb-d04.mx.aol.com [205.188.128.65])
by qs3710.pair.com (Postfix) with ESMTPS id 51A76125427
for i...@kitterman.com; Sun, 11 May 2014 13:05:39 -0400
and should stop, seems you should
move your domain to p=reject to avoid that these spoofed emails get
delivered to aol users and others...
Printed on recycled paper!
On May 11, 2014, at 19:34, Scott Kitterman via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
Over the last few days I've
Look at the ruf= address and where it was sent. No. Not what I requested.
Scott K
On Monday, May 12, 2014 11:07:59 you wrote:
You have p=none and ruf= turned on, AOL's doing exactly what you've
requested.
- Roland
On 05/12/2014 10:25 AM, Scott Kitterman via dmarc-discuss wrote:
Over
On Saturday, June 07, 2014 16:33:14 Dave Crocker via dmarc-discuss wrote:
...
We need to find a way to get objective and comparable information about
this.
...
If only DMARC had a mechanism for providing feedback so that people could
measure this and provide data. ;-)
Scott K
On Saturday, June 07, 2014 17:00:25 Dave Crocker wrote:
On 6/7/2014 4:56 PM, Scott Kitterman via dmarc-discuss wrote:
If only DMARC had a mechanism for providing feedback so that people
could measure this and provide data. ;-)
I'm pretty sure it isn't my jet lag that's causing me to miss
On Friday, August 01, 2014 08:09:53 Anders Wegge Keller via dmarc-discuss
wrote:
On Thu, 31 Jul 2014 22:31:36 +
Norman, Jean Marie via dmarc-discuss dmarc-discuss@dmarc.org wrote:
Has anyone experienced unauthenticated emails being delivered to Google
recipients despite having a DMARC
On August 1, 2014 7:03:03 AM EDT, Anders Wegge Keller via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
On Fri, 01 Aug 2014 06:40:29 -0400
Scott Kitterman via dmarc-discuss dmarc-discuss@dmarc.org wrote:
On Friday, August 01, 2014 10:46:08 Anders Wegge Keller via
dmarc-discuss
wrote:
Also
I'd like to highlight this as an example of what I think is a great value in
this list. The ability of operators to have an open dialog about their mail
operations and how it impacts interoperability is a wonderful thing. I wish
there was more of it.
Scott K
On Wednesday, August 06, 2014
On August 30, 2014 7:26:19 PM EDT, John Levine jo...@taugh.com wrote:
Does anyone who's implemented fo have a problem with both 0 and
1
being specified? If it is somehow problematic, then the base spec
ought
to say so.
I don't understand what fo=1 is supposed to mean. If there's no SPF
record
On September 1, 2014 12:50:04 PM EDT, John Levine jo...@taugh.com wrote:
I don't understand what fo=1 is supposed to mean. ..
The ambiguity for me is between SPF or DKIM failed and no SPF or
DKIM
at all. As I read it, it probably means failure, but maybe it means
something else.
I think for
With obvious implications for DMARC failures. See the postfix-users thread
that starts here:
http://archives.neohapsis.com/archives/postfix/2014-10/0138.html
It would be helpful if Yahoo! were to dial this back a bit and stick with the
recommended fields to sign (i.e. drop Received and
Postfix removes it.
Scott K
On Monday, October 06, 2014 18:32:43 Murray Kucherawy via dmarc-discuss wrote:
I get Received:, but why would Content-Length change in-flight?
-MSK
On 10/6/14, 11:01 AM, Scott Kitterman via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
With obvious
On October 16, 2014 9:20:07 PM EDT, Benny Pedersen via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
Just to test how bad it is now, is there more errors now that postfix
milter is resolved ?
I have still problem with opendkim when rebooting after running a day,
if i
just reboot after 10 mins
While not directly DMARC, AR fields can serve as an input for DMARC processing,
so I think it's generally worth getting right.
I was checking a recent SPF change relevant to one of my serves, so I found
myself looking at this:
Authentication-Results: mx.google.com;
spf=pass (google.com:
I've been reviewing some DMARC failures reported in data from mail.ru.
In this case the From domain is a subdomain of the main company domain (e.g.
sub.example.com), the DKIM signature is d= the main company domain (e.g.
example.com), and the DMARC record is the org domain record as well
On Wednesday, June 24, 2015 11:17:38 AM Tomki Camp via dmarc-discuss wrote:
in 7.3.1 there is a required entry ‘SPF-DNS’, for which I can’t find any
definition reference.
https://datatracker.ietf.org/doc/rfc7489/?include_text=1
It's defined in RFC 6591, Section 3.2.6.
Scott K
On October 22, 2015 1:19:51 PM EDT, Franck Martin via dmarc-discuss
wrote:
>The fun is moving to ARC
>
>https://dmarc.org/2015/10/global-mailbox-providers-deploying-dmarc-to-protect-users/
>
How does that actually help? At least as I read the draft, anyone can make up
On October 26, 2015 9:12:17 AM EDT, Roland Turner via dmarc-discuss
wrote:
>Scott Kitterman wrote:
...
snipped down to one bit as we seem to mostly be going around in circles
...
>> As a domain owner, I can control what sources of mail are able to
>> generate mail that
On October 23, 2015 2:10:26 PM EDT, "J. Gomez via dmarc-discuss"
<dmarc-discuss@dmarc.org> wrote:
>On Friday, October 23, 2015 4:07 PM, Scott Kitterman via dmarc-discuss
>wrote:
>
>> On October 23, 2015 1:48:13 AM EDT, Roland Turner via dmarc-discuss
>
On Monday, October 26, 2015 06:47:33 AM Roland Turner via dmarc-discuss wrote:
> Scott Kitterman wrote:
> > On October 23, 2015 1:48:13 AM EDT, Roland Turner via dmarc-discuss
wrote:
> >>The question is not who you trust - ARC doesn't directly change that -
> >>but how
here.com
>
>
>
>____________
>From: dmarc-discuss <dmarc-discuss-boun...@dmarc.org> on behalf of
>Scott Kitterman via dmarc-discuss <dmarc-discuss@dmarc.org>
>Sent: Friday, 23 October 2015 04:44
>To: dmarc-discuss@dmarc.org
>Subje
To start with, you'll have to explain why receivers should trust a sender to
not lie about where they got the mail from in an ARC header field if they don't
already trust the sender.
Scott K
On Sunday, February 07, 2016 11:14:12 AM Franck Martin via dmarc-discuss
wrote:
> ARC will help, but
On Sunday, February 07, 2016 08:25:13 PM John Levine wrote:
> In article <2049568.4HsipfqAXp@kitterma-e6430> you write:
> >To start with, you'll have to explain why receivers should trust a sender
> >to not lie about where they got the mail from in an ARC header field if
> >they don't already
On Friday, February 12, 2016 05:11:34 AM Roland Turner via dmarc-discuss
wrote:
> John Levine wrote:
> >>> So I hear what you're saying, but it doesn't change my mind. I guess if
> >>> the large providers think this is useful, then meh, OK,
> >>
> >> That would be the guys who receive more than
On Wednesday, February 10, 2016 07:17:31 AM Roland Turner via dmarc-discuss
wrote:
> Scott,
>
> You're [still!] confusing multiple conceptions of trust, including at least:
>
> 1) trust in the intention and ability of multiple upstream forwarders to
> ARC-sign correctly,
> 2) trust in the lack
On Monday, February 15, 2016 07:27:21 AM Roland Turner via dmarc-discuss
wrote:
> Scott Kitterman wrote:
> > It would be nice if we didn't design standards that only worked at a
> > certain scale. "You must be this tall to ride" worries me.
>
> There's nothing about ARC that is scale-specific,
That's a totally different class of problem. Any competent sysadmin with some
time can maintain a CMS based web site (e.g. Wordpress). The fact that so
many are not competently managed is a function of capability and willingness
to do a little work, not a function of inadequate scale.
Also,
discuss@dmarc.org> wrote:
> > ARC purpose is to say when DMARC fail and the email should be rejected
> > that it is ok to let it through. As such there is no scale problem and
> > anyone can do it.
> >
> > If email is your core business, then complaining you have to d
On Tuesday, February 16, 2016 06:02:31 AM Roland Turner via dmarc-discuss
wrote:
> Scott Kitterman wrote:
> >> Roland Turner wrote:
> >>
> >> This is just a diffusion process, not an exclusion of smaller players.
> >> Indeed, it would almost appear that you'd be happier if the big guys had
> >>
On Tuesday, February 16, 2016 06:17:27 AM Roland Turner via dmarc-discuss
wrote:
> Scott Kitterman wrote:
> > To
> > the extent ARC is useful to mitigate the DMARC mailing list issue, it's
> > only useful with additional data inputs that are not public and are not
> > feasible for small providers
There is a subtle distinction involved here. RFC 7208 (and RFC 4408 before
it) don't literally say to use RFC5321.Helo if RFC5321.Mailfrom is null. What
they say to to construct a MailFrom using postmas...@rfc5321.helo. That's the
difference between RFC5321.Mailfrom and RFC7208/4408.Mailfrom
On May 13, 2016 4:56:40 PM EDT, "A. Schulze via dmarc-discuss"
wrote:
>
>
>Am 13.05.2016 um 22:35 schrieb Terry Zink via dmarc-discuss:
>> In Office 365 it would. Others' implementations may vary.
>
>"may or may not" - is that really the intention of DMARC?
I think
On November 14, 2016 2:42:42 PM EST, Terry Zink via dmarc-discuss
wrote:
>> Well, DMARC addresses one particular vector - we still need to find
>more effective ways
>> to address cousin domains, display name abuse, etc.
>
>I didn't mean cousin domains, I mean domains
On Thursday, March 23, 2017 03:31:14 PM Peter Olsson via dmarc-discuss wrote:
...
> MD.se. TXT "v=spf1 ip4:X ip4:X ip4:X ip4:X ip4:X/24 ip4:X/24 ip4:X ip6:X
> ip6:X ip6:X include:X -all"
...
Is md.se the actual domain? I don't see a TXT record in DNS.
$ dig -x md.se
; <<>> DiG 9.9.5 <<>> -x
I participate in a lot of mailing lists many of which that have a large number
of subscribers. As a result, when I send a single message to a mailing list,
many copies of the same message get sent to users at large mail providers.
These get counted as individual messages in aggregate
As most of you already know, the DCRUP working group is adding a new signature
algorithm to DKIM. I have been sending dual rsa-sha256/ed25519-sha256 signed
mail for some time and I have notice an oddity in DMARC reporting.
Typically, I'll see something like this XML snippet:
On Sunday, April 22, 2018 02:12:33 PM Roland Turner via dmarc-discuss wrote:
> On 21/04/18 05:36, Scott Kitterman via dmarc-discuss wrote:
> > As most of you already know, the DCRUP working group is adding a new
> > signature algorithm to DKIM. I have been sending dual
> &g
On October 9, 2018 10:37:49 PM UTC, John Levine via dmarc-discuss
wrote:
>In article <24dd5bc1-ca89-473c-9d11-cb712504c...@akamai.com> you write:
>>p=none -> “we’re trying to figure out if we’re going to be able to go
>to p=quarantine”
>>
>>If you treat quarantine differently than none, you’re
This is why DMARC uses an 'or' vice 'and' test between aligned DKIM and SPF
results. There are cases where on fails and the other succeeds, so overall the
reliability is higher if you do both.
Scott K
On November 18, 2018 1:02:48 PM UTC, Edward Siewick via dmarc-discuss
wrote:
>Thanks
On February 21, 2020 4:46:32 PM UTC, Marisa Clardy via dmarc-discuss
wrote:
>Hello,
>
>This may have already been discussed before, but I couldn't find
>anything
>about it.
>
>In our organization, we provide mail filtering for customers. We had
>SPF
>failures being rejected for a long time,
On Sunday, March 29, 2020 4:03:42 PM EDT John R Levine via dmarc-discuss
wrote:
...
> The C libopendkim and perl Mail::DKIM libraries have hard-coded tests for
> 'email' or '*'. Python dkimpy has a kludge that accepts 'tlsrpt' along
> with the other two. None of them have a way to say to look
On March 29, 2020 10:36:50 PM UTC, John Levine wrote:
>In article <3074162.RNaZIRUnTP@l5580> you write:
>>RFC 6376, Section 3.6.1, in the s= paragraphs says:
>>
>>> * matches all service types
>>
>>If libopendkim and Mail::DKIM are looking for a literal '*' as the
>service
>>type, rather
On May 25, 2020 12:33:45 AM UTC, Figo Morales via dmarc-discuss
wrote:
>I keep getting this message from my crons job:
>
>DMARC failure to load tld list
>'/usr/share/publicsuffix/public_suffix_list.dat': No such file or
>directory
>
>Any help is welcome.
If you are using Debian or a Debian
On Thursday, December 30, 2021 3:24:43 PM EST su...@banbreach.com via dmarc-
discuss wrote:
> On Friday, December 31, 2021 00:05 IST, Scott Kitterman via dmarc-discuss
wrote:
> > On Thursday, December 30, 2021 1:02:33 PM EST su...@banbreach.com via
> > dmarc->
> >
On Thursday, December 30, 2021 1:02:33 PM EST su...@banbreach.com via dmarc-
discuss wrote:
> On Thursday, December 30, 2021 18:40 IST, Alessandro Vesely via dmarc-
discuss wrote:
> > gov.in isn't listed in http://psddmarc.org/registry.html
>
> Thanks. I believe my question was not entirely
45 matches
Mail list logo