-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi,
Thanks Reco. On 13/10/19 9:59 pm, Reco wrote: > On Sun, Oct 13, 2019 at 04:20:17PM +1100, Andrew McGlashan wrote: >> Is this due to email forwarding by Debian servers or is it for >> some other reason? How can I fix this? > > bendel.debian.org (the MTA behind lists.debian.org) does not have > a published SPF record. An MTA, tana.it in this case, which is > configured in a paranoid way (every inbound e-mail must conform to > a published SPF record) - will consider every e-mail from > bendel.debian.org as a violation. It's not just you - I too receive > DMARC reports from tana.it at the end of every day which I > communicate to the list, and a couple of others attempt to send me > DMARC reports too (but I see no reason to accept connection from > China Telecom MTAs). It's not that bad, we're talking about extra > 5-10 e-mails per day if you don't do any filtering. > >> Do I need to add Debian's IP address to my SPF record? I'm not >> sure I want to, but it may end the DMARC reports with failed SPF >> tests... > > I don't see how it'll do you any good. SPF checking for a maillist > mail has little to no meaning anyway, it's tana.it who should fix > their SPF checks. > > I'd send a mail to postmas...@noloop.tana.it, IIRC one of this > list members is behind it. Hopefullly: "Alessandro Vesely <ves...@tana.it>" can see this thread ;- ) And yes, you are right, it passes DKIM fine and gives SPF error due to the MTA as you say. Probably the same with other reports as well. Cheers A. -----BEGIN PGP SIGNATURE----- iHUEAREIAB0WIQTJAoMHtC6YydLfjUOoFmvLt+/i+wUCXaMUDwAKCRCoFmvLt+/i +/2dAQCtYbPOkTl5vER4z9a5X6ox0L/eMtM9A3Uda30Od/BkdgEAsvwR9eHJSUPF kP1TAssbm3YLc6yXX1DYXVGhs4Ii5pc= =d1Id -----END PGP SIGNATURE-----
