Am 06.05.23 um 18:44 schrieb Christian Seitz via mailop:
Hello,
...
I already tried to contact Yahoo before sending this email to the list and they acknowledged the issue "You are correct, we are indeed looking for an SOA for each individual subdomain if you're going to use it in the SMTP (RFC5321) MAIL FROM." and promised to forward the email headers to an engineer, but that was more than a week ago and we are having some users who complained about the issue.
This sounds pretty much wrong. Requiring a separate SOA for every subdomain sending e-mail is nonsense, as your example shows. I'm doing volunteer work for an organisation where subdomains are used similarly yet we did not experience issues. One possible reason might be that our subdomains send mail via a central mail server, we use SRS to work around SPF breaking forwarding (some of our users have pretty ugly forwarding chains, and we can't really get them to simplify that) and the particular SRS engine happens to SRS-encode all SMTP sender addresses whose domain part isn't the main domain. I would not suggest you use SRS though (it's a half-working patch for the problems that SPF creates, which is a not-even-half-working patch for the spam/phishing problem)...
It would be interesting to see whether the outgoing SRS component can be changed to leave subdomains alone, but our users might not be amused that mail to Yahoo suddenly fails to be delivered.
Cheers, Hans-Martin _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
