Change to Mail Infrastructure - SPF and DKIM verification will now be enforced
Rolf Eike Beer
kde at opensource.sf-tec.de
Fri Dec 4 19:07:21 GMT 2015
Ben Cooksley wrote:
> On Fri, Dec 4, 2015 at 11:28 PM, Jan Kundrát <jkt at kde.org> wrote:
> > On Friday, 4 December 2015 10:56:42 CET, Ben Cooksley wrote:
> >> Note that in the long run with DMARC looming you will need to switch
> >> to #2 anyway, and keeping your current behaviour will likely lead to
> >> mail from people who use Yahoo / AOL / etc ending up in the spam
> >> folder with many mailing list members. I'll be starting a discussion
> >> regarding taking this step on KDE systems at some point in the near
> >> future (switching to DMARC compatible policies).
> >>
> >> For more information, please see http://wiki.list.org/DEV/DMARC
> >
> > Do I understand your plan correctly? The following projects appear to not
> > re-sign their ML traffic, and they mangle headers at the same time. If I
> > understand your plan correctly, this means that I won't be able to use my
> > @kde.org addresses on mailing lists of these projects, for example:
> >
> > - Qt,
> > - Debian,
> > - Gentoo,
> > - OpenStack,
> > - anything hosted at SourceForge,
> > - and many, many more, essentially anybody who were ignoring DKIM.
> >
> > Please, change your plans, this is obviously a huge no-go.
>
> *Sigh*.
>
> Debian has already committed (prior to any of this) to making their
> mailing lists DMARC compliant by ceasing the alteration of mail
> passing through their lists.
Which is a good idea anyway, as far as you can influence it (see the 8bit
problems from the other mail).
> It is an extreme pity these mailing list providers have demonstrated
> such an extreme disregard for standards which aim to eliminate
> forgeries and ensure people cannot be digitally misrepresented. This
> is why we had to change Bugzilla a while back to send as
> bugzilla_noreply at kde.org instead of the acting user's email address -
> because Yahoo's enforcement policy meant GMail always placed mail from
> Yahoo users in the spam folder.
Huh? Of course you _must_ send with a @kde.org address. My SPF policy forbids
you to send mail for my domain. And now you want to enforce SPF, but don't
properly handle it yourself?
> I'll grant an extension until 31 January, however I would like to see
> commitments from some of these to improve their infrastructure.
It wont affect me, as I ignore the whole DKIM stuff both at the sending and
receiving end, but this just going to cause a lot of unnecessary trouble I
think.
To make it clear: I receive tons of spam per day. It has become worse in the
last month, as it seems that the usual filters do not work that good anymore.
You as postmaster of such a public domain are likely receiving even more of
that crap. But that proposal is going to cause collateral damage.
Eike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20151204/428a5213/attachment.sig>
More information about the kde-core-devel
mailing list