I've done some sniffing around, and it looks like we could at least start figuring out *why* we're getting on this spamhaus list if we would enable DMARC in notify-only mode, and it would definitely help our IP reputation to have an SPF record. So I think we should configure the following DNS entries:
# We could probably also put "a mx" in here to allow the A and MX # records for mercurial-scm.org to transact mail. mercurial-scm.org. IN TXT "v=spf1 ip4:192.81.134.36 ip6:2600:3c01::f03c:91ff:fedb:76b6/64 ~all" # rua = "aggregate data reporting address" # ruf = "forensic data reporting address" # fo = "failure option" -> 1 means "report for any failure" # By default this applies to 100% of mail. _dmarc.mercurial-scm.org. IN TXT "v=DMARC1; p=none; rua=mailto:dm...@mercurial-scm.org; ruf=mailto:dm...@mercurial-scm.org; fo=1" and configure dmarc@ to forward to someplace private, but reachable by the sysadmin group. Thoughts? _______________________________________________ Mercurial-devel mailing list Mercurial-devel@mercurial-scm.org https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel
