I assumed most people had already tuned their systems to ignore +all or overly broad IP ranges, spammers abused that like a decade ago.
I feel like we even discussed it here, including having to exempt Apple who had their entire class A listed at one point (they no longer do). Saying anyone can send mail as your domain is saying you don't care about who abuses your domain... or you're protesting against modern email and pining for the old days. And agreed, it doesn't solve the mailing list DMARC problem because the spf is done against the envelope sender which will be the bounce address for the mailing list, and that won't align with the from header domain. Brandon On Tue, Jul 11, 2023 at 8:21 AM Benny Pedersen via mailop <mailop@mailop.org> wrote: > Alessandro Vesely via mailop skrev den 2023-07-11 11:12: > > > You need +all if you're after dmarc=pass. > > no not at all, direct to mx will have spf pass without +all, on next hub > envelope sender changes, so new spf problem when next hub forwards > mails, it does not need to be a maillist btw > > if dmarc is configure to align to be aligned to make dmarc pass, then it > will fail for maillists, hmm ? > > aligned is to make sure its not forwarded and thus can be trusted not > travel malicious servers on transit > > i just don't care :) > > > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
