On 2022-08-25 07:08, Charles Cazabon wrote: > Jan Eden <t...@eden.one> wrote: > > > > I recently sent a message to this list, and received a couple of DMARC > > reports from various mail providers to my postmaster address: > [...] > > > > I was under the impression that earlier issues with DMARC, DKIM and SPF with > > respect to mailing lists were solvable > > Others have addressed DKIM, but for SPF I have found that every message to a > mailing list of any size generates a number of reports of SPF failures, even > though the list has correctly used its own domain in the envelope return path. > > I believe this is because there are people or bots subscribed to the list > using terrible mail-forwarding configurations, where the forwarded message is > sent with an envelope sender extracted from the From: header field - either > because the software is a disaster, or because it's being used on a machine > that cannot or does not properly record the original envelope when delivering > received messages.
In my reply to Kevin, I quoted my own mail server's and outlook.com's authentication results – both handle the mutt.org envelope sender correctly (spf=pass), but outlook.com still reports an SPF failure as part of the <policy_evaluated> tag (irrespective of <auth_results>). - Jan
signature.asc
Description: PGP signature