Dear Dan, I'm one of the users for whom this is an on-off experience. I had a period where everything worked fine only to get bad again; see my reply from October 25 2022 to the dev-thread "Ceph Leadership Team meeting 2022-09-14". Over the last few days I made a similar experience. For 1 day, I think Friday/Saturday all ceph-user messages made it to mu inbox. Since Sunday I have to pull them out of MS quarantine again. They aye usually reported as violating some sender authentication scheme. Unfortunately, since our e-mail service was moved to a cloud service I can't extract the real reason for quarantine any more, it just says "phising policy", which usually means something along the lines of sender could not be verified. It would be great if you could get this working for everyone, also for the unfortunate souls who have to live with artificially intelligent microsoft policies. Thanks and best regards, ================= Frank Schilder AIT Risø Campus Bygning 109, rum S14 ________________________________________ From: Dan Mick <dmick@xxxxxxxxxx> Sent: Friday, May 5, 2023 1:46 AM To: ceph-users Subject: Change in DMARC handling for the list Several users have complained for some time that our DMARC/DKIM handling is not correct. I've recently had time to go study DMARC, DKIM, SPF, SRS, and other tasty morsels of initialisms, and have thus made a change to how Mailman handles DKIM signatures for the list: If a domain advertises that it will reject or quarantine messages that fail DKIM (through its DMARC policy in the DNS text record _dmarc.<domain>), the message will be rewritten to be "From" ceph.io, and SPF should be correct. I do not know if it will regenerate a DKIM signature in that case for what is now it's own message. The From: address will say something like "From Original Sender via ceph-users <ceph-users@xxxxxxx> so it's somewhat clear who first sent the message, and Reply-To will be set to Original Sender. Again, this will only happen for senders from domains that advertise a strict DMARC policy. This does not include gmail.com, surprisingly. Let me know if you notice anything that seems to have gotten worse. Next on the list is to investigate if DKIM-signing outbound messages, or at least ones that don't already have an ARC-Seal, is appropriate and/or workable. _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |