A. Schulze via dmarc-discuss skrev den 2017-01-30 22:30:
Am 30.01.2017 um 21:40 schrieb SheridanJ West via dmarc-discuss:
I encountered a opendmarc bug that required adsp records
don't waste your time with ADSP, forget it.
it's deprecated and in fact dead
and spamassaasin does not care of
spf test does not use from header, spf is not sender-id
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
On 2016-10-04 19:41, Elizabeth Zwicky wrote:
The DMARC on the mailing list passes when it reaches me -- it appears
that something in the path between you and dmarc.org is the problem
with breaking the DKIM signature.
correct, did i get a problem on postfix maillist ?
Since it's dmarc.org's
On 2016-10-04 17:20, Franck Martin wrote:
I'm not sure what is the issue here? Mailing lists break DKIM by
design.
bad designed on thiese maillist then its not dkim/dmarc fails
post on postfix maillist have never breaked dkim for me
We could go to the old style of mailing lists, which did
Authentication-Results: linode.junc.eu; dmarc=pass header.from=dmarc.org
Authentication-Results: linode.junc.eu;
dkim=pass (1024-bit key; unprotected) header.d=dmarc.org
header.i=@dmarc.org header.b=g7uNA2zS;
dkim=fail reason="signature verification failed" (1024-bit key; secure)
On 2016-10-04 16:06, Lynne Mack via dmarc-discuss wrote:
HOW I DO GET OFF THIS LIST
how to read the list ?
http://lists.dmarc.org/mailman/listinfo/dmarc-discuss, helpfull in the
box unsubscribe or edit options
i just wonder how you subscribed
On 16. jan. 2015 10.23.10 Constantino Antunes via dmarc-discuss
dmarc-discuss@dmarc.org wrote
Since yesterday I made the following changes:
- changed the rua address: the previous one was receiving e-mail, but
nevertheless
- found an old SPF rule which was too permissive: did a complete rewrite
On October 20, 2014 9:00:55 PM Murray Kucherawy m...@fb.com wrote:
I¹m pretty sure the entire population of this mailing list didn¹t need to
know that; an email to me would¹ve been sufficient.
Abuse or postmaster ?, well i see more domains with this problem, nearly
enough to fix lokal not
The mail system
repo...@dmarc.org: host dragon.trusteddomain.org[208.69.40.156] said: 550
5.1.1 repo...@dmarc.org... User unknown (in reply to RCPT TO command)
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
On October 6, 2014 8:48:35 PM Scott Kitterman via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
Postfix removes it.
Thanks Scott for topposting :)
I get Received:, but why would Content-Length change in-flight?
Is this BodyLengthDB in opendkim.conf ?
Is yahoo using opendkim as is btw ?
On October 6, 2014 10:19:15 PM Murray Kucherawy via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
I get Received:, but why would Content-Length change in-flight?
Is this BodyLengthDB in opendkim.conf ?
No, they¹re unrelated.
Good
___
dmarc-discuss
On August 17, 2014 8:44:33 PM Andreas Schulze via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
I noticed the second time spam directed to the address
I use to use only for sending dmarc reports. It's not the address public
availabe as part of
my dmarc record but my decicated sender address
On 1. aug. 2014 10.46.08 CEST, Anders Wegge Keller via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of geowiki-ad...@wegge.dk designates \
5.9.72.151 as permitted sender) smtp.mail=geowiki-ad...@wegge.dk;
spf uses
Authentication-Results: duggi.junc.org/3211C25C056; dmarc=pass
header.from=linkedin.com
wow, where is the footer now ? :)
--
Sendt fra min Android telefon med K-9 Mail. Undskyld hvis jeg er lidt
kortfattet.___
dmarc-discuss mailing list
Authentication-Results: duggi.junc.org/5CA2025C056; dmarc=none
header.from=dmarc.org
not solved yet
have nice weekend, the ismann delivered iscream here :)
--
Sendt fra min Android telefon med K-9 Mail. Undskyld hvis jeg er lidt
kortfattet.___
On 1. aug. 2014 19.34.41 CEST, Franck Martin via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
Because your client decided to show you the email I sent you directly
rather than the one via this mailing list…
the above was from maillist
Authentication-Results: duggi.junc.org/37CBA25C056;
On 1. aug. 2014 21.29.31 CEST, Franck Martin via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
Aim to the opendmarc mailing list if you have questions, but I though I
would alert people of this
updated from 1.2.0 to 1.3.0 here, seems to work, gentoo overlay fidonet, use it
at own risk
--
if all is well, i just waiting on the rain to fall
--
Sendt fra min Android telefon med K-9 Mail. Undskyld hvis jeg er lidt
kortfattet.___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE:
On 19. jun. 2014 17.04.49 CEST, John Levine via dmarc-discuss
dmarc-discuss@dmarc.org wrote:
So more specifically, the workaround for DMARC breaks S/MIME. Sigh.
yes, amavisd-new and postfix maillist let my dmarc get pass on my own domain,
silly to see that dmarc maillists try to make non
Lets hope this maillist will not break dkim, please post back with my errors if
you dont see dmarc pass in private mail
Should we keep the problem?
Sendt fra Samsung mobil___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
Figures - just confirms that the folks who designed DMARC really don't
give a flying f*k about breaking the Internet.
Amavisd-new, spamassassin, postfix maillists have no problem with dmarc
at all, why does others need another faked headers to test ?
i dont get it :(
and it seems yahoo
I run an email forwarder which presents the same kinds of problems
with DMARC as mailing lists; the sender's from address will never
SPF-align.
SPF is not Sender-ID :(
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
Dave Crocker skrev den 2014-04-09 00:50:
Given that we've known about the mailing list issue for DMARC, SPF and
DKIM for a very long time, I think it unlikely that anyone is suddenly
going to come up with a perfect and painless solution.
SPF is transperant to maillists
DMARC, Sender-ID, DKIM
Andrew Beverley skrev den 2014-04-08 17:16:
I am inclined to agree, but what is the best solution for this
scenario?
solved in exchange to not reply to Precedense: foo header mails
dovecot-lmtp, dovecot-lda, sieve does not do reply based on that, so if
sieve based vacation is in use it works
Franck Martin skrev den 2014-04-03 00:12:
I suppose your sending IPv6 address has a reverse DNS entry?
more likely spf ip6 ?
reverse is independic of spf
but again why does it not show spf none ?
___
dmarc-discuss mailing list
Andreas Schulze skrev den 2014-04-03 20:51:
Andreas Schulze:
yes, normaly I look at these things :-)
I remember I saw a received line in gmail that contain a rDNS too.
Just written I double checked the rDNS. Bingo!
... normaly impies there are unnormal corners too.
Thanks for the pointer!
Spf is transperant on maillists
Sender-id is not
Dkim is transperant on maillist if no signed headers is changed or body is not
changed
Dmarc works if all of the above passes even if dmarc policy say reject
Stop being ignorants
___
dmarc-discuss
On 2014-01-24 07:56, Benjamin BILLON wrote:
I'm unsure about losing messages or auto-unsubscribing some people
from lists because
first begin to ignore maillist that is not dkim valid, then enable
if all is listed as belov in ignorehosts file
Funny, all of your messages through this mailing
Franck Martin skrev den 2014-01-15 06:07:
There is a space between mailto: and the email address, this may be
the cause of your problems
https://dmarcian.com/dmarc-inspector/evite-sendmail.nl
well spotted space
opendmarc-check evite-sendmail.nl
John Levine skrev den 2014-01-14 03:07:
I get lots of aggregate reports from Hotmail, nearly all to a
reporting address not in the domain being reported. The most recent
arrived about an hour and a half ago.
Authentication-Results: duggi.junc.org/C251925C04F; dmarc=none
this could reduce reporting for pass to limit abuse problems, here i get
tired of domains that want reports, but defer forever in there
mailserver
could this be changed without breaking dmarc ?
currently i also see more then one ruf and rua, well its ok, but i think
its abuse :(
John Levine skrev den 2013-12-13 04:00:
If example.net is a parked domain you can then protect it this way:
_dmarc.example.net CNAME _dmarc.parked.example.com
CNAME preserve DNSSEC ?
Yes, of course it does. CNAME is a fundamental part of the DNS and
always has been.
i have seen CNAME used
Franck Martin skrev den 2013-12-10 22:40:
If example.net is a parked domain you can then protect it this way:
_dmarc.example.net CNAME _dmarc.parked.example.com
CNAME preserve DNSSEC ?
it does not work in ADSP
be carefull
___
dmarc-discuss
Murray Kucherawy skrev den 2013-10-31 17:01:
Please ask OpenDMARC support questions on the OpenDMARC mailing lists,
such as opendmarc-us...@trusteddomain.org. This list is for general
deployment and other discussions not specific to a particular
implementation.
this maillist here is missing
Netsons Paolo Giustiniani skrev den 2013-09-10 17:31:
Any email sent from the server is marked as spam by Gmail and
inserted into the appropriate folder.
mark the msg as not spam in gmail should solve it for the recipient,
sender cant solve gmails problems :=)
Netsons Paolo Giustiniani skrev den 2013-09-10 17:46:
Have you a record DMARC (Gmail) for me?
https://dmarcian.com/dmarc-inspector/kirweb.it
https://dmarcian.com/kitterman_record_gen/
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
Olga Gavrylyako skrev den 2013-09-09 22:27:
Unfortunately in Gmail we are using different software from opendkim.
In some cases we have more strict requirements. Unless you provide me
an example, I cannot say why it did not pass our validation.
so much for using opensources, try atleast give
John Levine skrev den 2013-08-29 23:31:
opendmarc use its own spf checks, it does not trust pypolicyd-spf
results, better results depends on make opendmarc api to create a
spf
check as replacement for pypolicyd-spf, one milter lib, one policy
This is absolutely incorrect.
opendmarc uses
Scott Kitterman skrev den 2013-08-17 04:51:
opendmarc use its own spf checks, it does not trust pypolicyd-spf
results, better results depends on make opendmarc api to create a
spf
check as replacement for pypolicyd-spf, one milter lib, one policy
This is absolutely incorrect.
show config
Umesh Ratnayake skrev den 2013-08-08 10:22:
My problem is
wait a month or so, you see reports from not expired datahosts, but
when dns is updated the new domain will get in use over time, that means
you will in a periode see reports to both old and new domain, there
should not be any
is there as test plugin to use ?
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
Andreas Schulze skrev den 2013-06-29 21:19:
$ dig _dmarc.dmarc.andreasschulze.de txt +short
v=DMARC1\; p=reject
another domain is another problem, it should really not be another
domain, but same domain where its indicated not to report dmarc back to,
all else is just unstable workarounds
Matt Simerson skrev den 2013-06-25 08:23:
- RUAs:
- a...@dmarc-qa.com
- b...@dmarc-qa.com
if more then one is defined it sents to all, i see it used on multiple
domains that send copy to return-path and still get a copy self
--
senders that put my email into body content will deliver it to
Roman Prokhorov skrev den 2013-06-25 00:28:
However it would be nice to have a special header like
X-DMARC-Report: aggregate or something to be defined in the
standard.
could be usefull to have an std default sender email that is not
reported from, say noreply@ as it is for regulary email
Andreas Schulze skrev den 2013-06-13 10:28:
May someone confirm that my reports from tomorrow 14/June/2013 are
different/fixed?
i have make a ticket for this in sf.net, hope it resolved in 1.1.4 :=)
http://sourceforge.net/p/opendmarc/tickets/54/
--
senders that put my email into body
Tom Hendrikx skrev den 2013-06-12 11:45:
It seems to me that dmarcian tells us that 207.68.169.173/30 is
wrong,
while 207.68.169.172/30 is correct cidr notation. It doesn't complain
about correct cidr notations like 157.55.0.192/26.
so in other words:
127.0.2.0/24
127.0.0.0/8
gives the
Tim Draegen skrev den 2013-06-12 15:26:
If I'm reading this too narrowly, by all means, please let me know!
I'm happy to suppress this the information is unnecessary (as perhaps
the receiving world's SPF stacks simply don't care).
i think it just need to be dokumented more what it means,
Scott Kitterman skrev den 2013-06-12 15:41:
There are implementations that care, so you are right to raise the
warning.
what will spf testers do if v=spf1 a:_spf.example.org -all
and _spf.example.org is have multiple ips ?
that would make spf simple, and still could hold all 8 ips,
Franck Martin skrev den 2013-06-11 04:17:
https://dmarcian.com/spf-survey/microsoft.com
indeed...
wonder if its not possible with v=spf1 ptr mx a +all for a good start ?
what does Network objects should not contain host bits mean while we
are at it ?
--
senders that put my email into body
Matt Simerson skrev den 2013-06-11 23:00:
Reports from junc.org have mis-labeled the 'identifiers' section
as 'identities'
fixed, let me know if its not
--
senders that put my email into body content will deliver it to my own
trashcan, so if you like to get reply, dont do it
Other Mailbox skrev den 2013-06-10 17:49:
Anyone else getting empty reports DMARC reports from Microsoft? Last
3 or 4 days all domains.
and microsoft have invalid spf ?, i dont get anything here since spf is
rejecting invalid spf records
--
senders that put my email into body content will
On 2013-03-30 23:45, Andreas Schulze wrote:
Nice to notice: I get failure reports from china (126.com) only.. .
same here, hopefully 126,com if using spf/dkim/dmarc in that case you
just see noice from senders that still belive it works
--
senders that put my email into body content will
On 2013-03-30 09:58, J. Gomez wrote:
How crazy is that suggestion?
it might be needed :(
--
senders that put my email into body content will deliver it to my own
trashcan, so if you like to get reply, dont do it
___
dmarc-discuss mailing list
Murray Kucherawy skrev den 2013-04-05 09:09:
I get less than a 1% failure rate for google.com signatures with my
opendkim installation.
1% is still to much to be stable
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
Murray Kucherawy skrev den 2013-04-05 11:00:
My point is that I don't think this is a problem with Google's key or
with
opendkim.
i will try to catch it with 2.8.2 now, if i see it again, i lost if its
just bind dns that shows it, its not gmail.com but google.com, diff
public keys
Al Iverson skrev den 2013-04-05 16:38:
Might be wiser to not put p=reject for this domain.
google have invalid setup for what is spam so
if you subscribe to maillist and dont want it as ham, then you
unsubscribe ?
i am open minded idiot :)
___
Blason rock skrev den 2013-03-31 20:14:
3. I heard aboout opendmarc but curious to know since I already have
postfix milter running on port 8891 can I run one more milter on port
8893 i.e. dmarc one?
yes, i have clamav-milter, opendkim, opendmarc no problem here
seperate milters with , with
John Levine skrev den 2013-03-01 01:37:
John, you keep mentioning this, but I don't see anyone arguing.
Then please stop.
or unsubscribe ?
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
Matias Kruk skrev den 2013-01-10 17:14:
Yes, that's the problem. We have to remove it from the SPF record.
good or bad ?
for dmarc its not a dmarc problem what results gives by spf and dkim
one cant force all worlds servers to use spf test and dkim in there
servers, sadly yes
John Levine skrev den 28-10-2012 04:31:
Consider how hard it is to make up some fake letterhead in your
favorite word processor, print out a fake letter, put it in an
envelope with a fake return address, put a real stamp on it, and put
it in a mailbox.
and ask the postman to get paid on
John Levine skrev den 29-09-2012 06:13:
On a bad day, I've gotten 300,000 bounced back messages due to
spammers forging my addresses. How many are you seeing?
could you be less sakastisk here ?
___
dmarc-discuss mailing list
Den 2012-09-02 22:01, Andreas Schulze skrev:
is the any fixed echo address where the answer will always pass
dmarc-checks?
I just setup e...@signing-milter.org ...
it works
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
Den 2012-08-11 18:34, Peter Bowen skrev:
However, this is list also seems to be setup slightly incorrectly.
It
is adding its own DKIM signature, but also leaving the any existing
one in place. So there are two DKIM-Signature headers on most mails;
one which passes and one which does not.
63 matches
Mail list logo