On Wed, Mar 29, 2017 at 3:04 AM, DaKnOb <daknob....@gmail.com> wrote:
> Usually mailing lists act like e-mail spoofers as far as SPF and DKIM is > concerned. These two systems above try to minimize spoofed e-mail by doing > the following: > > SPF: Each domain adds a list of IP Addresses that are allowed to send > e-mail on their behalf. > > DKIM: Each email sent by an "original" mail server is cryptographically > signed with a key available, again, in the DNS. > > When you send an e-mail to a list, you send it to the mailing list mail > server. After that, of the server forwards that e-mail to the recipients, > its original address is shown, therefore if Outlook checks for SPF records, > that check will fail. An easy way to get around this is for the list to > change the From field to something else, like "Mel Beckman via NANOG" and a > local email address. > > However, when you send that email, it may also be signed with DKIM: any > change in subject (say "[NANOG]" is added) or the body (say "You received > this email because you subscribed to NANOG" is appended) will also cause > that check to fail. > Hello, Both SPF and DKIM are meant to be checked against the domain in the envelope sender (SMTP protocol-level return address) which the NANOG list sets to nanog-boun...@nanog.org. Checking against the message header "from" address is an incorrect implementation which will break essentially all mailing lists. Regards, Bill Herrin -- William Herrin ................ her...@dirtside.com b...@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>