On 2025-04-08 at 13:34:14 UTC-0400 (Tue, 8 Apr 2025 18:34:14 +0100 (BST)) Julian Bradfield via mailop <jmai...@julianbradfield.org> is rumored to have said:
> I have just had a message sent to spam by gmail for no obvious reason
> (yes, I know that gmail has many unobvious reasons, but clients will
> insist on using it).
>
> I sent my test gmail account a message, which went to inbox ok, but
> looking at "Show original" displays the following weird set of
> security information:
>
>
> SPF: PASS with IP 2a01:a500:2766:0:0:0:3b45:f2af Learn more
> DKIM: 'PASS' with domain julianbradfield.org Learn more
> Alignment: The 'From' header Julian Bradfield
> <redac...@julianbradfield.org> does not match the DKIM domain
> julianbradfield.org. Be careful with this message as the sender may be
> spoofing the 'From' header identity.
>
>
> This makes no sense to me. How can a header @julianbradfield.org not
> match julianbradfield.org ?

It cannot. Google is wrong here.

> And if it weren't aligned, how could it
> pass DKIM ?

Oh, that's easy. It's why DMARC is needed: anyone can DKIM-sign a message and if the signature matches, it passes: the message is unchanged between the *signer* and you.

> The message headers inserted by google also show SPF and DKIM passes.
>
> Anybody have any idea what's going on?

Google is wrong here. They're doing DMARC wrong.

--
Bill Cole
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
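The difference between a DKIM pass and DMARC identifier alignment discussed in this thread, as an added example that is not part of the original messages: a Python sketch of the RFC 7489 alignment test in strict and relaxed mode. The function names, the local part `placeholder`, the domain `example.net`, and the tiny public-suffix set are assumptions made for illustration; a real implementation uses the full Public Suffix List.

```python
from email.utils import parseaddr

# Constructed stand-in for the Public Suffix List (assumption, not complete).
PUBLIC_SUFFIXES = {"org", "com", "net", "uk", "co.uk"}


def org_domain(domain):
    """Organizational domain: longest matching public suffix plus one label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])


def from_domain(from_header):
    """Domain of the address in an RFC 5322 From header value."""
    return parseaddr(from_header)[1].rpartition("@")[2].lower()


def aligned(from_header, auth_domain, mode="r"):
    """DMARC identifier alignment: mode 's' is strict, 'r' is relaxed."""
    fd, ad = from_domain(from_header), auth_domain.lower().rstrip(".")
    if mode == "s":
        return fd == ad                      # exact match required
    return org_domain(fd) == org_domain(ad)  # same organizational domain


def dmarc_dkim_pass(from_header, dkim_results, adkim="r"):
    """dkim_results: list of (d= domain, signature_verified) pairs.
    DKIM counts for DMARC only if a verified signature is also aligned."""
    return any(ok and aligned(from_header, d, adkim) for d, ok in dkim_results)


# Constructed sample header; the local part is a placeholder.
FROM = "Julian Bradfield <placeholder@julianbradfield.org>"

if __name__ == "__main__":
    # Same domain in From and d=: aligned in both modes.
    print(aligned(FROM, "julianbradfield.org", "s"))
    # A valid signature from an unrelated signer: DKIM passes, DMARC does not.
    print(dmarc_dkim_pass(FROM, [("example.net", True)]))
```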