On Wed, 1 Aug 2018 at 20:56, Brandon Long wrote:
> I pinged the bug I filed about not supporting the size limits on rua
> addresses that I filed a year ago.
> [...]
> It looks like this affects about 1% of the reporting addresses we see, and
> 0.01% of the mail.
Well, I guess some people that
> On Jul 28, 2018, at 9:20 AM, Carl Byington wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On Mon, 2018-07-23 at 15:28 -0700, Kurt Andersen (b) wrote:
>
>> On Mon, Jul 23, 2018 at 3:04 PM, Laura Atkins
>> wrote:
>
>>> Spammers poisoned that particular well a while ago.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Mon, 2018-07-23 at 15:28 -0700, Kurt Andersen (b) wrote:
> On Mon, Jul 23, 2018 at 3:04 PM, Laura Atkins
> wrote:
>> Spammers poisoned that particular well a while ago. +all listings
>> are treated as heavily suspicious by ISPs.
> Deeply
When you put in the missing semicolon, what happened?
On Wed, 25 Jul 2018, Stefano Bagnara wrote:
On Wed, 25 Jul 2018 at 21:18, John R Levine wrote:
For example, a TXT resource record at
"*._report._dmarc.example.com" containing at least "v=DMARC1"
confirms that example.com is willing to
For example, a TXT resource record at
"*._report._dmarc.example.com" containing at least "v=DMARC1"
confirms that example.com is willing to receive DMARC reports for any domain.
That appears to be a typo in the spec. Every valid DMARC record has a
semicolon after v=DMARC1
Regards,
John
In article
you write:
>And here the authorization record for the "cross-domain" report:
>
># host -t txt emailmarketingblog.it._report._dmarc.mailvox.it
>emailmarketingblog.it._report._dmarc.mailvox.it descriptive text "v=DMARC1"
There's your problem.
See the definition of dmarc-record in RFC
On Wed, 25 Jul 2018, at 10:40, Stefano Bagnara wrote:
To make a real example here is the record for the
"emailmarketingblog.it" domain:
"v=DMARC1; p=none; sp=none; rua=mailto:dmarc##vox.it!10m;
ruf=mailto:dmarc##vox.it; rf=afrf; pct=100; ri=86400;"
(replace ## with @mail )
And here the
> On Jul 24, 2018, at 12:19 PM, John Levine wrote:
>
> In article
> you
> write:
>
>> "v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mydomain!10m;
>> ruf=mailto:dmarc@mydomain!10m; rf=afrf; pct=100; ri=86400;"
>
> Ah, there's the problem. "mydomain" is an invalid mail domain.
>
> Pro tip:
In article
you write:
>"v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mydomain!10m;
>ruf=mailto:dmarc@mydomain!10m; rf=afrf; pct=100; ri=86400;"
Ah, there's the problem. "mydomain" is an invalid mail domain.
Pro tip: if you want real help, send real clues. It's not like your DMARC
records are
In article
you write:
>On Tue, 24 Jul 2018 at 09:19, Ken O'Driscoll via mailop
>It's clear that I'm NOT receiving Yahoo reports, I don't know why...
>Are there special requirements to receive them?
Nothing special, but you do have to set up your DMARC records
correctly. Give us a sample
On 23 Jul 2018, at 18:36, John R Levine wrote:
I put signatures on all outgoing mail, including mail that goes to
mailing lists. Doesn't everyone?
Far from it.
~60% of the mail that makes it to my content filter (most of which is
NOT spam, as most of that is discernible before DATA) has a
On Tue, 24 Jul 2018, Stefano Bagnara wrote:
It's clear that I'm NOT receiving Yahoo reports, I don't know why...
Are there special requirements to receive them?
On Tue, 24 Jul 2018, Andrew C Aitchison replied:
I recieve dmarc aggregate reports from Yahoo to the ruf address in my
_dmarc
On Tue, 24 Jul 2018, Stefano Bagnara wrote:
On Tue, 24 Jul 2018 at 09:19, Ken O'Driscoll via mailop
wrote:
On Tue, 2018-07-24 at 00:30 +0200, Stefano Bagnara wrote:
> And still I'm honestly looking for stats about how many domains are
> really currently sending DMARC reports to senders (I get
On Tue, 24 Jul 2018 at 09:19, Ken O'Driscoll via mailop
wrote:
> On Tue, 2018-07-24 at 00:30 +0200, Stefano Bagnara wrote:
> > And still I'm honestly looking for stats about how many domains are
> > really currently sending DMARC reports to senders (I get reports for
> > much less than 1% of my
On Tue, 2018-07-24 at 00:30 +0200, Stefano Bagnara wrote:
> And still I'm honestly looking for stats about how many domains are
> really currently sending DMARC reports to senders (I get reports for
> much less than 1% of my recipients: is it what you all get or is there
> something wrong in my
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Tue, 2018-07-24 at 00:30 +0200, Stefano Bagnara wrote:
> And still I'm honestly looking for stats about how many domains are
> really currently sending DMARC reports to senders (I get reports for
> much less than 1% of my recipients: is it what
> And still I'm honestly looking for stats about how many domains are
> really currently sending DMARC reports to senders (I get reports for
> much less than 1% of my recipients: is it what you all get or is there
> something wrong in my setup/target?).
I’ve done some analysis for clients in the
On Tue, 24 Jul 2018, Stefano Bagnara wrote:
We wrote that a long time before anyone had imagined the mess that is DMARC.
Well, if it is not valid anymore then we need an update... "You" made
3 revisions between 2007 and 2011 and then stopped updating it when it
really started being used? ;-)
On Mon, 23 Jul 2018 at 23:50, John Levine wrote:
> In article
> you
> write:
> >On Mon, 23 Jul 2018 at 20:16, Steve Atkins wrote:
> >> > On Jul 21, 2018, at 1:28 AM, Stefano Bagnara wrote:
> >> > [...]
> >> > Otherwise we keep weakening DMARC to a point where it is not useful
> >> >
On Mon, Jul 23, 2018 at 3:04 PM, Laura Atkins
wrote:
>
> On Jul 23, 2018, at 1:30 PM, Stefano Bagnara wrote:
>
> On Mon, 23 Jul 2018 at 20:16, Steve Atkins wrote:
>
> On Jul 21, 2018, at 1:28 AM, Stefano Bagnara wrote:
> [...]
> Otherwise we keep weakening DMARC to a point where it is not
> On Jul 23, 2018, at 1:30 PM, Stefano Bagnara wrote:
>
> On Mon, 23 Jul 2018 at 20:16, Steve Atkins wrote:
>>> On Jul 21, 2018, at 1:28 AM, Stefano Bagnara wrote:
>>> [...]
>>> Otherwise we keep weakening DMARC to a point where it is not useful anymore.
>>
>> For many senders it's not
In article
you write:
>On Mon, 23 Jul 2018 at 20:16, Steve Atkins wrote:
>> > On Jul 21, 2018, at 1:28 AM, Stefano Bagnara wrote:
>> > [...]
>> > Otherwise we keep weakening DMARC to a point where it is not useful
>> > anymore.
>>
>> For many senders it's not useful; it's actively harmful.
On Mon, 23 Jul 2018 at 20:16, Steve Atkins wrote:
> > On Jul 21, 2018, at 1:28 AM, Stefano Bagnara wrote:
> > [...]
> > Otherwise we keep weakening DMARC to a point where it is not useful anymore.
>
> For many senders it's not useful; it's actively harmful. They're deploying it
> because
In article
you write:
>Here's the headers they're signing: h=to:cc:from:subject:reply-to:Date
>
>The forensic data samples I have show that a number of the messages that
>fail seem to have injected different reply-to addresses, some of which
>clearly belong to mailing lists. I suspect what's
On Fri, 2018-07-20 at 16:20 -0700, Autumn Tyr-Salvia wrote:
> What I'm thinking is that the situation might improve if they can stop
> signing the reply-to: and possibly even the to: and cc: headers. Am I on
> the right track? Any other recommendations?
While minimal header signing might get
On 7/20/2018 12:06 AM, Stefano Bagnara wrote:
h=from:to:subject:mime-version:sender:list-unsubscribe:content-type:content-transfer-encoding:feedback-id;
I saw some recommendation not to sign "To" but I don't think it is a
good practice (for the generic use case). If you don't sign the To
then
Hello,
First - Benjamin, Steve's post is not a coincidence - he and I had a
conversation about the specific issue I'm dealing with, which was super
helpful, and I suspect sparked this blog post. I wanted to get a few more
data points, which is why I posted here, but his blog post is indeed very
On 07/19/2018 11:18 PM, Autumn Tyr-Salvia wrote:
Hello Email Folks,
Hi Autumn,
I know signing the From: field is required by spec, but I think
everything else is technically optional. For those of you who have been
in the position of choosing which headers to sign and which not to,
would
On Thu, Jul 19, 2018 at 10:18 PM, Autumn Tyr-Salvia
wrote:
>
>
> ... I have lately had some customers with greater-than-usual issues
> relating to ... messages that get forwarded, where the forwarding system is
> changing headers to the point that they break DKIM
>
Aside from this being a great
Here's mine:
h=from:to:subject:mime-version:sender:list-unsubscribe:content-type:content-transfer-encoding:feedback-id;
I saw some recommendation not to sign "To" but I don't think it is a
good practice (for the generic use case). If you don't sign the To
then anyone can "replay" your message to
X-CSA-Complaints and
> List-Unsubscribe, for CSA members:
> https://certified-senders.org/wp-content/uploads/2017/07/CSA_Admission_Criteria.pdf
> .
>
>
>
> --
>
> *Benjamin*
>
> *From:* mailop *On Behalf Of *Autumn
> Tyr-Salvia
> *Sent:* Friday, 20 July, 2
On Behalf Of Autumn Tyr-Salvia
Sent: Friday, 20 July, 2018 07:18
To: Mailop
Subject: [mailop] DKIM headers - which do you sign and why?
Hello Email Folks,
I work at Agari, where I guide large organizations through the process of
getting their email to pass DMARC. I have lately had some
Hello Email Folks,
I work at Agari, where I guide large organizations through the process of
getting their email to pass DMARC. I have lately had some customers with
greater-than-usual issues relating to aligned authenticated messages that
get forwarded, where the forwarding system is changing
33 matches
Mail list logo
