On Tue, 2023-05-09 at 22:37 -0500, Thomas Cameron via users wrote: > I've tested my DMARC, DKIM, and SPF records against multiple test sites, > and it's set up correctly. I've sent email from my server to GMail, read > the headers, and all tests pass. > > The problem is, as far as I can tell, EVERY server that sends mail to > mailing lists causes me to get a barrage of warnings from receivers' > email servers saying that, since the email came from the list server, > the message failed because it's not from MY email server. It's maddening. I would have thought there'd be warnings that other people's emails didn't come from the author's mail servers, not *yours*. > What do folks who manage email servers do about this? I'm seriously > starting to think that using these tools introduce darned near as many > problems as they "solve." List serving is now in an impossible situation, unless they change the way they operate. According to DMARC, DKIM, SPF, etcetera, only authorised mail servers can send mail from someone (and this is usually a good idea). But list servers work by (re)sending mail from someone else. About the only way to abide by those rules is to send the mail from the list server address, removing the author's from address. I wouldn't have a problem with that, well not on any of the lists I am on (where all mail, including replies, is expected to go through the list server). There is no need for any private replies, and it's quite often a bad idea. It reduces the usefulness of the list, and people send unsupervised hostile emails. The list could put the author's address in somewhere else, either create a new header (e.g. Originally-From), or simply put that into the footer for the email. I don't see the need for it, though. People who didn't mind their email address being publicly known can simply sign off their messages with their name and address. One of the many advantages of usenet (over mailing lists) was that you didn't have to expose your email address to all and sundry to be able to participate. The list server should, of course, be taking anti-spam efforts of its own (only allowed authorised members to post through it). The alternative of everyone who posts to a list having to program their mail server to say the list is an authorised poster of their email is an impossible ask. Most posters don't post through their own mail server, they use one they have no control over (their ISP, Gmail, etc). And quite frankly, it'd be a stupid risk to authorise anything else to post from your address. Mail servers could be made so that well-known list servers are granted some kind of exemption of this verification process, but what about the thousand other mail servers that aren't well known? And it'd be creating near monopolies. -- uname -rsvp Linux 3.10.0-1160.88.1.el7.x86_64 #1 SMP Tue Mar 7 15:41:52 UTC 2023 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
