Dear Geoff,
Geoff Mulligan via mailop writes:
> (... thanks ...)
> If so, how is someone supposed to forward messages to gmail???
This is mine:
[0] https://gitlab.com/soyeomul/Gnus/-/raw/karma/DKIM/ss/87ilrewnoo@gnus.org
[1]
https://gitlab.com/soyeomul/Gnus/-/blob/karma/DKIM/ss/Screenshot
On 4/28/2022 1:52 PM, Dave Crocker via mailop wrote:
If writing a formal specification, yes, one needs careful language.
This isn't that exercise.
This prompted me to consider language that might be suitable for an RFC.
Perhaps:
An MTA that is relaying a message SHOULD NOT attempt to r
On 2022-04-28 at 12:45 -0600, Geoff Mulligan via mailop wrote:
> I have a user on one of my servers that uses procmail to forward
> messages to their gmail account.
>
> Every once in a while messages sent to them are "bounced" to the
> sender with the error fro gmail:
>
> 550-5.7.26 This message
On Thu, Apr 28, 2022 at 7:20 PM Mark Milhollan via mailop
wrote:
> It does not. As recently discussed, Gmail plays a game of trying to
> guess whether SPF should have failed on a previous hop, rather than just
> the connected peer.
I don't really see that much of an issue with this in popping ma
It appears that Matt Corallo via mailop said:
>
>
>On 4/28/22 2:34 PM, Michael Ströder via mailop wrote:
>> On 4/28/22 05:40, Matt Corallo via mailop wrote:
>> I'm really wondering why people have so strong objections against MTA-STS.
>> Actually it's pretty easy
>> to setup and it's the only st
> On Apr 28, 2022, at 18:58, Michael Ströder via mailop
> wrote:
>
> On 4/29/22 00:27, Matt Corallo wrote:
>>> On 4/28/22 2:34 PM, Michael Ströder via mailop wrote:
>>> I'm really wondering why people have so strong objections against MTA-STS.
>>> Actually it's pretty easy to setup and it's
Heho,
This might be a bit of a theoretical attack thing, but looking over the bounces
for my nightly outbound DMARC reports I actually started to wonder about this;
(Mostly because I am getting scared by regularly sending DMARC reports to non
-existing accounts on a major ESP ;-)).
Maybe I am ove
On Thu, 28 Apr 2022, Scott Mutter wrote:
configure your Gmail account to POP mail from that POP3 mailbox. This
side steps the issues of SPF failing,
It does not. As recently discussed, Gmail plays a game of trying to
guess whether SPF should have failed on a previous hop, rather than just
On 4/28/2022 10:54 AM, John Levine via mailop wrote:
It appears that Dave Crocker via mailop said:
So, rather than changing the message, do simply relaying of the
(unchanged) message, but also send a notification about the problem,
back to the SMTP Mail-From address.
Well, that's one approa
On 4/29/22 00:27, Matt Corallo wrote:
On 4/28/22 2:34 PM, Michael Ströder via mailop wrote:
On 4/28/22 05:40, Matt Corallo via mailop wrote:
AFAIK, the *only* shop that enforces the rube-goldberg machine that
is MTA-STS that doesn't also enforce TLSA/DANE is Google.
I'm really wondering why p
On 4/28/22 2:34 PM, Michael Ströder via mailop wrote:
On 4/28/22 05:40, Matt Corallo via mailop wrote:
AFAIK, the *only* shop that enforces the rube-goldberg machine that is MTA-STS that doesn't also
enforce TLSA/DANE is Google.
I'm really wondering why people have so strong objections again
It appears that Michael Ströder via mailop said:
>> And skipping it avoids the pain of setting up a number of steps and,
>> for some reason, introducing an HTTP server into your mail-receiving
>> stack?!
>Is that simple HTTP server serving a tiny static file is really such a
>big deal? Personally
On 4/28/22 05:40, Matt Corallo via mailop wrote:
AFAIK, the *only* shop that enforces the rube-goldberg machine that is
MTA-STS that doesn't also enforce TLSA/DANE is Google.
I'm really wondering why people have so strong objections against
MTA-STS. Actually it's pretty easy to setup and it's
On 4/28/22 23:34, Michael Ströder wrote:
On 4/28/22 05:40, Matt Corallo via mailop wrote:
And skipping it avoids the pain of setting up a number of steps and,
for some reason, introducing an HTTP server into your mail-receiving
stack?!
Is that simple HTTP server serving a tiny static file is rea
I've told any of my users to not forward to gmail instead, but rather to just
use their pop-fetcher.
Two problems I had there.
1) Not a goog issue, but Microsoft effectively discontinued this feature for
hotmail, for some reason, so it's not universal advice.
2) Gmail started hitting MTU/ipv6
On 4/28/2022 1:25 PM, John R Levine via mailop wrote:
On Thu, 28 Apr 2022, Dave Crocker wrote:
Actually, for the current discussion, there is only a single issue:
Should an intermediate relay get fussy and modify the substance
of a message?
That is one way to look at it, but as I sa
I'm showing how many have chosen DANE vs MTA-STS (or both), along with TLSRPT.
And adoption of both are not great for those larger systems. Ultimately, it's
a choice that folks are free to make. For some, the "fear of DNSSEC" is far
greater than that of running an HTTPS server. I don't entir
On Thu, 28 Apr 2022, Dave Crocker wrote:
Actually, for the current discussion, there is only a single issue:
Should an intermediate relay get fussy and modify the substance
of a message?
That is one way to look at it, but as I said in the message you just
replied to, in this case not
Automatic email forwarders are generally a bad idea, at least in my
humble opinion.
They're always going to fail SPF unless you rewrite the
sender-envelope, which I also don't think is a good idea.
Ultimately, the argument generally comes down to "well, these used to
work" and that's part of the
Are they using the suggestions on
https://support.google.com/mail/answer/175365 for procmail forwarding?
There's a double edge sword with SPF auth for forwarding.. if you re-write
the envelope sender to the forwarding address and forward spam, the
forwarding domain can accumulate poor reputation.
The site could be as simple as the logical opposite of
http://iscaliforniaonfire.com/
--
Jay Hennigan - j...@west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mail
I have a user on one of my servers that uses procmail to forward
messages to their gmail account.
Every once in a while messages sent to them are "bounced" to the sender
with the error fro gmail:
550-5.7.26 This message does not have authentication information or fails to
550-5.7.26 pass
Hi y'all!
My team has been happy to see that you have enjoyed the site. The old DO
droplet had been decommissioned as part of other work, but we should have the
replacement for caniuseapurchasedlist up soon.
Also, thank you for the alternate site Al, your version is very nice.
Thanks,
Matt Gi
It appears that Andrew C Aitchison via mailop said:
>On Wed, 27 Apr 2022, Simon Luger via mailop wrote:
>
>> Hi
>>
>> i need this page from time to time.
>>
>> caniuseapurchasedemaillist.com
The http version returns 404, and the https version fails in any normal
browser because it still is doing
It appears that Dave Crocker via mailop said:
>So, rather than changing the message, do simply relaying of the
>(unchanged) message, but also send a notification about the problem,
>back to the SMTP Mail-From address.
Well, that's one approach. The issue here is that you have two
things wrong
Right, apologies for the ambiguity, I was talking about setting up MTA-STS to get inbound email
encrypted, not talking about outbound. I agree there is limited uptake on the receiving end for
Large Providers. Microsoft is now quoting middle of next year for DANE for their inbound stuff.
Of cour
Hi Mark
Really great work and thank your for the open source contribution. What
sort of throughput can this manage? Have you done any stress testing?
Thanks
Ken
On Thu, Apr 28, 2022 at 7:54 AM Mark E. Jeftovic via mailop <
mailop@mailop.org> wrote:
>
> Hi all, we're pleased to release as open s
Hi all, we're pleased to release as open source our CHAPPS package.
Developed by Caleb Cullen here, this is what we've been using for
managing outbound email across multiple client domains.
https://easydns.com/blog/2022/04/28/introducing-chapps-the-caching-highly-available-postfix-policy-service/
From last week:
"While it seems that Gmail is the current example of MTA-STS-only, that could
always change. We still have tons of providers that support neither, and I'd
take either as a step above Opportunistic TLS."
Grabbing a sample of "large" rcpt domains from our platforms for the past
29 matches
Mail list logo