Am 22.04.2024 um 09:28:20 Uhr schrieb Paul Menzel via mailop: > The SPF of molgen.mpg.de has `~all` (soft fail): > > $ dig txt molgen.mpg.de +short > "v=spf1 ip4:141.14.0.0/16 ~all" > > and I would expect `~all` to result in Google Mail not rejecting the > message, when another server is sending emails from @molgen.mpg.de. > We do not want to set up DKIM due to the increased message size, and > complexity of key handling. Is there an alternative?
Google required at least one of SPF or DKIM that will pass. Softfail (~) or neutral (?) aren't sufficient. You can't sign DKIM for external domains, so if external mail goes in and is being forwarded, the DKIM signature is still valid, but there are situations when there is no DKIM signature. You can't sign such a message because you don't have control over the DNS of the foreign domain. Google makes forwarding really hard. They want you to set up ARC. https://support.google.com/a/answer/13198639?sjid=6036584522181943107-EU I know this is nasty, but this are Google's rules. Forwarded mails will always have an SPF failure, DKIM will be valid. -- Gruß Marco Send unsolicited bulk mail to 1713770900mu...@cartoonies.org _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
