On Wed, Jul 14, 2021 at 02:38:00PM +1000, raf <post...@raf.org> wrote:
> On Tue, Jul 13, 2021 at 06:06:16PM -0400, post...@ptld.com wrote: > > Viktor wrote: > > > > That's because DMARC (which I don't use or recommed) > > > > Why don't you recommend DMARC? What is wrong with it? Do you accept *ALL* > > mail sent to you in your inbox spam or not? Other than SPF records and DMARC > > what other tools exist to verify if mail came from the domain they purport > > to? Here's a (silly) thing that wrong with DMARC: :-) I've sent two messages to this mailing list so far, and I've received 52 DMARC forensic/failure report emails as a result! :-) I suppose that means that lots of list members have DMARC checking set up. But seriously, I'd also appreciate a critique of DMARC. It seems like a reasonable attempt to solve some of the flaws with SPF and DKIM. If it fails to do that, or it has flaws of its own, I'd be interested in hearing about it. For what it's worth, anyone on these lists with SPF might want to add these to their SPF record: ip4:168.100.1.3 ip4:168.100.1.4 ip4:168.100.1.7 ip6:2604:8d00:0:1::3 ip6:2604:8d00:0:1::4 ip6:2604:8d00:0:1::7 It would be good if mailing lists published spf records that members could include: in their spf records. But I suppose most people wouldn't be able to benefit from them. cheers, raf
