On 27/07/2023 10:20, Matija Nalis wrote:
mailing lists have been smart enough for over 20 years to rewrite
sender and
not appear as a basic forwarder - which are you are correct, however
there
are forwarding abilities to rewrite sender which avoids this, its been
15
years or more since I've used procmail which by default did not.
I personally know several people who still use procmail today, sooo...
Your assumption seems to be that EVERYBODY upgrades on regular
(yearly-or-so?) cycles, and updates their configs to latest recommended
practices at the same time.
This is ideal but reality is far different, that said, most would not be
using anything from 1990's, if they are, they are have far bigger issues
than SPF.
That at least I can attest is not always the case (I still see
systems with custom sendmail.cf which nobody dares to touch,
and with a good reason!)
As above.
But I won't agree that "it does not exist", nor would I agree that it
doesn't matter (if it didn't matter to them, people wouldn't be
asking me to troubleshoot it, and yet they do)
It "does, not matter", you can't help those who wont help themselves,
I'm sure we all remember this back in days when banks and governments
wouldt run compliant DNS, they all expected us to whitelist them, when
they realised that was not going to happen en masse, they got their act
together and fixed their stuff, now, at least in this country, they woke
up and realised the benefits so much so, the govt here is a strong
proponent of DMARC and mandates all federal govt depts to use it (though
I've discovered some that dont)
Good for you. But that is anecdotal - you are certainly not
participating
in every mailing list in existence,
I'm on 117 mailing lists - not that I have time these days to read much
of it, family life is more important, in past couple weeks I just found
a few hours to peruse some :)
So, still in 2023, I have to deal with SPF (and DKIM) failing due to
such forwarders/ML (as well
as misconfigurations, of course)
DKIM is a total failure with mailing lists, but DKIM - unlike SPF in a
typical setup, is not an out-right reject at MTA level.
Also, 1990s? Weren't first SPF-alike ideas drafted first time in
early-mid 2000s, and SPF itself not published as *proposed* IETF
standard until 2014?
That was less than a decade ago, barely yesterday :)
No, SPF pre dates that, 1998 or there abouts if my ageing memory serves
me correct, 2014 might have been the SPF RR type, which certain cretins
from the debian world fought long hard against as their dist versions of
bind didnt understand it it was that old (heaven forbid debian users ran
modern software - I hope thats changed since but somehow I suspect
not...)
--
Regards,
Noel Butler
This Email, including attachments, may contain legally privileged
information, therefore at all times remains confidential and subject to
copyright protected under international law. You may not disseminate
this message without the authors express written authority to do so.
If you are not the intended recipient, please notify the sender then
delete all copies of this message including attachments immediately.
Confidentiality, copyright, and legal privilege are not waived or lost
by reason of the mistaken delivery of this message.
