On 26/04/20 11:26 pm, Ralph Seichter wrote:
* pe...@pajamian.dhs.org:
[...] this is a thread about what messages coming from the *list* go
to spam and what the *list* can do about it. It is not reasonable for
the mailing list owner to ask every person who's messages go to spam
because of a bad DMARC policy to change the policy.
It is reasonable. People who configure DMARC et al correctly don't see
their messages weeded out as spam when using this mailing list. If some
people screw their settings up, it is not for the list manager to work
around that. The Postfix mailing list is set up well.
I disagree. People may configure strict DMARC policies for various
different reasons, may be unaware of the issues that causes and may not
even have control over the domain at all. Granted people posting to
this list are generally expected to have a bit mroe control over their
domain than that, but this will not always be the case.
But all of that is not even the point. Mail coming from a particular
mailing list may originate from the original poster but it is eventually
sent from the list, and as such it is the responsibility of the list
owner to make sure that the mail does not violate SPF, DKIM, DMARC or
other anti-spam measures. To do so does not look to other servers like
incorrectly configured DMARC on the part of the original poster but
rather like mail coming from the list server that is spoofed or possibly
SPAM. That is why it ends up in people's Spam folders, and in addition
to the issues that causes to other people on the list not being able to
read entire conversations it also has the effect of making the list
server look like it is originating spoofed mail and hence SPAM which
negatively affects the IP reputation of the list server. So the
consequences of the strict DMARC configurations are bourne by the other
list members and the list server itself which makes it essential for the
list owner to deal with it.
Also, for the umpteenth time, one can use separate (sub)domains
specifically for mailing lists, like I do. That way one can protect
one's business-related domains with strict policies and still use
relaxed policies for mailing lists.
And all of these are actions that need to be taken by the originator of
the message, and often times by some upstream admin of his email that he
cannot control or influence. This is too much to expect every poster to
conform to these expectations, and more importantly there will always be
posters who do not regardless of how much you expect it.
Peter
