Change to Mail Infrastructure - SPF and DKIM verification will now be enforced

Martin Graesslin mgraesslin at
Mon Dec 7 13:19:51 GMT 2015

On Friday, December 4, 2015 11:28:03 AM CET Jan Kundrát wrote:
> On Friday, 4 December 2015 10:56:42 CET, Ben Cooksley wrote:
> > Note that in the long run with DMARC looming you will need to switch
> > to #2 anyway, and keeping your current behaviour will likely lead to
> > mail from people who use Yahoo / AOL / etc ending up in the spam
> > folder with many mailing list members. I'll be starting a discussion
> > regarding taking this step on KDE systems at some point in the near
> > future (switching to DMARC compatible policies).
> > 
> > For more information, please see
> Do I understand your plan correctly? The following projects appear to not
> re-sign their ML traffic, and they mangle headers at the same time. If I
> understand your plan correctly, this means that I won't be able to use my
> addresses on mailing lists of these projects, for example:
> - Qt,
> - Debian,
> - Gentoo,
> - OpenStack,
> - anything hosted at SourceForge,
> - and many, many more, essentially anybody who were ignoring DKIM.
> Please, change your plans, this is obviously a huge no-go.

this looks like a huge problem. Could this be rolled out in two phases: one 
where a big fat warning is added in some way, so that we can inform our 
mailing list masters about the breakage and then a slow enforcement?

Kicking out from important stakeholders doesn't look right to me. And 
it's not like we would notice. It might take quite some time till we notice no 
longer incoming mails in mailing list folders. And not everybody read this 
thread and understood the implications. I do not know how to verify that a 
mailing list sends correctly and there are important mailing lists I'm 
subscribed to with low traffic.

So: can we do something to notify non compliant mailing lists? And what if 
they don't act on it? If for example is slow on it the 
solution cannot be to effectively kick out kde from I'm not 
going to subscribe there with my private mail address, because it's important 
to be there with an address.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the kde-core-devel mailing list