On 2026-02-18 at 03:43:29 UTC-0500 (Wed, 18 Feb 2026 09:43:29 +0100)
lejeczek via Postfix-users <[email protected]>
is rumored to have said:
the mailing list is: [email protected] but... ! it
works now.
Messages which I got bounced for and got dmarc reports for, seems got
queued (perhaps by me) and got delivered eventually.
As to - why it works now (perhaps as a side-note for others) - I did
change my _sp_ from none to quarantine/reject in dmarc
I was also missing "external validation" records for dmarc, but...
how this might affect dkim=fail I do not know.
btw. How do you guys - who contemplated the use of, made a choice
either direction - feel about use of provides of "collective
punishment"?
If "collective punishment" is not clear - those providers who ban,
flag whole sub/net as a spammer - what to make of that?
I think one needs to differentiate between "collective punishment" and
simply removal of default trust for some connectivity providers.
The median email message is spam. There's been progress since the '00s
when as much as 97% of all messages were spam, but it is still
substantially over 50% everywhere I can look. And yet, almost everyone
defaults to accepting and delivering messages.
When I reject messages from hosts on Digital Ocean or Linode or OVH, it
is not to "punish" anyone. It is because those networks still have a
>95% spam rate on the systems I operate. This is NOT intended to
*punish* people for their poor choice of provider, it is a self-defense
tactic. It harms NO ONE persistently.
I say that because every time a piece of email explicitly is not
accepted, that is not harm but rather an willingness to grant a favor.
When an OVH customer pays their bills, none of that flows to people on
the Internet accepting mail from that customer's systems. We accept mail
on the premise that it is legitimate, even though that has predominantly
not been true for decades. However, we are not blind to the facts.
Spammers tend to cluster on networks with weak policy enforcement. This
has been true since the late 90's. So it can be highly effective to
reject whole networks rather than to wait for the next spammer to find
this week's bulletproof hoster and sign up. When one finds that their
provider is blocked by someone they want to mail, they have choices for
getting that done: find a competent provider or convince their intended
receivers to change their minds.
Rather than "collective punishment" that is "collateral damage," i.e.
unintended and unwanted damage that is unfortunate but is a natural
consequence of legitimate self-protection. Unlike explosives from the
sky, declined email only annoys senders rather than killing them and it
is relatively easy to mitigate the harm.
I should disclose that as an active contributor and project management
committee member for ASF SpamAssassin, I help maintain a tool that is
imperfect and which includes mechanisms that some have described as
collective punishment, but which we view as simply expressing a
correlation that is useful for discriminating between spam and non-spam.
So I am somewhat accustomed to seeing rejected legitimate mail as a
solvable minor problem. With competent and attentive administration of
mail systems, that's what it is.
With Google and MS running so many people's email, that last condition
is rather dubious. That is the biggest problem with email today.
--
Bill Cole
[email protected] or [email protected]
(AKA @[email protected] and many *@billmail.scconsult.com
addresses)
Please keep discussion mailing list replies *on-list*
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
