On Wed, Jul 14, 2021 at 02:38:00PM +1000, raf wrote:
> On Tue, Jul 13, 2021 at 06:06:16PM -0400, post...@ptld.com wrote:
>
> Viktor wrote:
>
> > > That's because DMARC (which I don't use or recommed)
> >
> > Why don't you recommend DMARC? What is wrong with it? Do you accept *ALL*
> > mail sen
On Wed, Jul 14, 2021 at 05:43:57PM +1000, raf wrote:
> Here's a (silly) thing that wrong with DMARC: :-)
> I've sent two messages to this mailing list so far, and
> I've received 52 DMARC forensic/failure report emails
> as a result! :-)
Your mails are not DKIM signed, so of course they will fail.
On Wed, Jul 14, 2021 at 05:43:57PM +1000, raf wrote:
Here's a (silly) thing that wrong with DMARC: :-)
I've sent two messages to this mailing list so far, and
I've received 52 DMARC forensic/failure report emails
as a result! :-)
On 14.07.21 09:51, Bastian Blank wrote:
Your mails are not DKIM
On 14/07/2021 08:43, raf wrote:
On Wed, Jul 14, 2021 at 02:38:00PM +1000, raf wrote:
On Tue, Jul 13, 2021 at 06:06:16PM -0400, post...@ptld.com wrote:
Viktor wrote:
That's because DMARC (which I don't use or recommed)
Why don't you recommend DMARC? What is wrong with it? Do you accept *ALL
On 2021-07-14 at 03:43:57 UTC-0400 (Wed, 14 Jul 2021 17:43:57 +1000)
raf
is rumored to have said:
Here's a (silly) thing that wrong with DMARC: :-)
I've sent two messages to this mailing list so far, and
I've received 52 DMARC forensic/failure report emails
as a result! :-)
There are 2 differ
Doug Hardie:
>
> > On 12 July 2021, at 18:27, Wietse Venema wrote:
> >
> > Doug Hardie:
> >> I have a postfix server that uses postscreen. However, occasionally
> >> a needed mail is blocked by one of the spam services. Is there a
> >> way to bypass postscreen for just one or more specific add
There are 2 different and contradictory DMARC records in DNS for
raf.org. That guarantees breakage.
Interesting, according to [1] they shouldn't receive reports at all.
[1] https://datatracker.ietf.org/doc/html/rfc7489#section-6.6.3 point 5
It is a really bad idea to reject messages whose DKIM signature is invalid.
DO NOT DO THIS.
Why exactly is it a really bad idea :) ?
Could you give us some more practical details/examples?
The point is that absent DMARC policy that promises DKIM signatures
aligned with the RFC2822.From domain,
Kevin N.:
> So, *if present*, the signature should be valid.
A system that treats 'no signature' different from 'bad signature'
or 'unverifiable signature' is broken from a security point of view.
It gives an adversary more opportunties than it deserves.
Wietse
On Wed, Jul 14, 2021 at 07:08:07PM +0300, Kevin N. wrote:
> > You can certainly take a pedantic view, that's contrary to the DKIM
> > RFCs and common sense, there's no Internet police to stop you. Just
> > keep in mind that rejecting failed DKIM signatures has no security
> > benefit.
>
> Hm, th
You can certainly take a pedantic view, that's contrary to the DKIM
RFCs and common sense, there's no Internet police to stop you. Just
keep in mind that rejecting failed DKIM signatures has no security
benefit.
Hm, there is always the possibility that I misunderstood the
specifications. Correc
On Jul 13, 2021, at 2:15 AM, Matus UHLAR - fantomas wrote:
>> On Jul 11, 2021, at 1:06 PM, Claus R. Wickinghoff
>> wrote:
>>> I think this can be achieved with reject_unverified_recipient to query
>>> dovecot via lmtp but I've no practical experience with this. Probably
>>> you've to do som
> On 14 July 2021, at 06:12, Wietse Venema wrote:
>
> Doug Hardie:
>>
>>> On 12 July 2021, at 18:27, Wietse Venema wrote:
>>>
>>> Doug Hardie:
I have a postfix server that uses postscreen. However, occasionally
a needed mail is blocked by one of the spam services. Is there a
w
On Wed, Jul 14, 2021 at 09:51:25AM +0200, Bastian Blank
wrote:
> On Wed, Jul 14, 2021 at 05:43:57PM +1000, raf wrote:
> > Here's a (silly) thing that wrong with DMARC: :-)
> > I've sent two messages to this mailing list so far, and
> > I've received 52 DMARC forensic/failure report emails
> > as
On Wed, Jul 14, 2021 at 10:03:00AM +0200, Matus UHLAR - fantomas
wrote:
> > On Wed, Jul 14, 2021 at 05:43:57PM +1000, raf wrote:
> > > Here's a (silly) thing that wrong with DMARC: :-)
> > > I've sent two messages to this mailing list so far, and
> > > I've received 52 DMARC forensic/failure rep
On Wed, Jul 14, 2021 at 09:07:54AM -0400, Bill Cole
wrote:
> On 2021-07-14 at 03:43:57 UTC-0400 (Wed, 14 Jul 2021 17:43:57 +1000)
> raf
> is rumored to have said:
>
> > Here's a (silly) thing that wrong with DMARC: :-)
> > I've sent two messages to this mailing list so far, and
> > I've receiv
Please keep replies on-list only. Duplicates of anything sent to the
list are just a nuisance.
On 2021-07-14 at 20:51:03 UTC-0400 (Thu, 15 Jul 2021 10:51:03 +1000)
raf
is rumored to have said:
On Wed, Jul 14, 2021 at 09:07:54AM -0400, Bill Cole
wrote:
On 2021-07-14 at 03:43:57 UTC-0400 (W
Please keep replies on-list only. Duplicates of anything sent to the
list are just a nuisance.
On 2021-07-14 at 20:51:03 UTC-0400 (Thu, 15 Jul 2021 10:51:03 +1000)
raf
is rumored to have said:
On Wed, Jul 14, 2021 at 09:07:54AM -0400, Bill Cole
wrote:
On 2021-07-14 at 03:43:57 UTC-0400 (W
On Wed, Jul 14, 2021 at 09:34:22PM -0400, Bill Cole
wrote:
> Please keep replies on-list only. Duplicates of anything sent to the list
> are just a nuisance.
Will do. That's my preference too, but different lists
have different opinions about that.
> On 2021-07-14 at 20:51:03 UTC-0400 (Thu, 1
19 matches
Mail list logo
