On Fri, 2022-06-17 at 11:16 -0500, Thomas Cameron wrote: > But my point is, setting up spf works as expected. I've verified it > via my emails to known correctly configured mail servers like GMail. > What I don't understand is why, when it is apparently set up > correctly, are there mail servers which throw errors when I send > email through a mailing list. Is it a misconfiguration of the mailing > list? Is it a misconfiguration of the receivers? I don't think there's a way around this (for you). These records are used to say who can post your mail (only *your* mail servers). That, in itself, doesn't stop spam. It relies on other servers refusing mail appearing to be from you, but coming from an unauthorised source. And it wouldn't stop someone sending mail forged as coming from you, going through your authorised server. But it's a better spam identifier than many other schemes. But when you post to a mailing list, it reposts your mail through them, still identified as coming from you. Their server is not on your authorised list (and shouldn't be). The only way I can see to avoid that problem is for the mailing list to not distribute your message from *you*, but rewrite the "from" address as coming from itself. People don't like that, because it anonymises mail (people behave worse when anonymous), and they can't send private replies (not that some of us want them). I preferred usenet to mailing lists. You posted to a group, people subscribed (or browsed it) if they wanted to see it. You didn't need to use an email address, so no spam could come in your direction (only to the group, which may have reasonably good anti-spam systems). I've yet to come across an anti-spam system that doesn't stuff something up (false negatives, false positives, not detecting spam). If you have to check your (suspected) spam folder each time you get your mail, what's the point of using it? System-wide ISP systems are able better than personal spam detection systems. In the sense that an ISP gets thousands of emails, and when scads of identical spam hit their server, it can be flagged and deleted as spam. This is completely different from any system (ISP-supplied or not) that only assesses your inbox in isolation. Really what's needed to actually stop spam is for all SMTP servers to require their clients to authenticate, for the servers to verify their client's identities when they join the service, and to refuse anyone to post spam in the first place. But that's never going to happen. People don't want that level of identity control, anonymity is needed for some circumstances, and there are service that are set up solely for spewing spam (they won't agree to do anything to stop spam). I've said it for many years - the only way to stop spammers is to chop off their hands. -- uname -rsvp Linux 3.10.0-1160.66.1.el7.x86_64 #1 SMP Wed May 18 16:02:34 UTC 2022 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
