Thanks for helps.
On Sat, Nov 23, 2019, at 11:07 AM, Richard Damon wrote:
> On 11/22/19 6:25 AM, Wesley Peng wrote:
> > Would this list break SPF then? Thanks
> >
> This list sends with an envelope sender in the lists domain, so it
> doesn't break general SPF, it will break DMARC SPF, since that
On 11/22/19 6:25 AM, Wesley Peng wrote:
> Would this list break SPF then? Thanks
>
This list sends with an envelope sender in the lists domain, so it
doesn't break general SPF, it will break DMARC SPF, since that check SPF
only to the From: domain.
This list doesn't modify messages in a way to br
merr...@fn.de writes:
> [...] do you think if it is possible to reject all mails from China? Thanks
How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i
think. Plus don't block China. Blocking China is blocking money.
Sincerely,
--
^고맙습니다 _地平天成_ 감사합니다_^))//
On 11/22/19 7:12 PM, Wesley Peng wrote:
> Hi
>
> when validating DMARC, it use the envelop address, or use from address
> from the header? Thanks
>
DMARC specifically says that validation is to be based on the From:
Header of the message (which is different than how SPF and DKIM work by
themselves
Hi
when validating DMARC, it use the envelop address, or use from address from the
header? Thanks
SA (Spamassassin) is good idea, I saw most people running their own mail
servers are using it.
On Sat, Nov 23, 2019, at 4:35 AM, Ralph Seichter wrote:
> * merr...@fn.de:
>
> > We did get a lot of spam messages from Chinese providers. We speak not
> > Chinese, do you think if it is possible to r
On Fri, Nov 22, 2019 at 12:11:21PM +0100, Lars Kollstedt wrote:
> Is there a clean way to optionally present a client certificate to a
> Postfix MX without breaking the use of TLS or even the mail delivery
> to MXes that are verifying presented client certificates against a
> local CA, and rejecti
* Lars Kollstedt:
> is there a clean way to optionally present a client certificate to a
> Postfix MX [...]
I hope I don't misinterpret your question here. When acting as an SMTP
client, Postfix should present the certificate you have defined via
smtp_tls_cert_file if the receiving Postfix (the S
* merr...@fn.de:
> We did get a lot of spam messages from Chinese providers. We speak not
> Chinese, do you think if it is possible to reject all mails from
> China?
SpamAssassin, which is often used in combination with Postfix, has a
plugin called "RelayCountry" that allows you to change the spa
Hi,
I've set up sieve vacation reply but my postfix setup is using
smtp_sasl_password_maps and smtp_sender_dependent_authentication.
The problem is that Sieve will send the reply with "from=<>" to prevent
bounces.
This means that Postfix has no way to authenticate to my ISP because it
does
On 22.11.19 07:24, Richard Damon wrote:
Base SPF works through a traditional forwarder, because the base rules
for SPF allow the message to pass based on the domain of the Sender:
header, not just the From:. A proper forwarder will add a Sender: header
for itself, to indicate that while it was no
On 22.11.19 06:15, Richard Damon wrote:
Normal forwarding will break SPF,
note that by "normal forwarding" Richard meant the old-school
"re-send mail to new recipient, keep its contents and the envelope sender"
where the keeping envelope sender is what breaks SPF. This is imho valid,
because
Dnia 22.11.2019 o godz. 13:16:41 Dominic Raferd pisze:
> Even so, the eu.org DMARC policy is 'none' so it is *not* advising receiver
> to quarantine or block emails that fail the DMARC policy (which begs the
> question of why bother with a DMARC policy at all of course).
Many domains have DMARC po
On Fri, 22 Nov 2019 at 12:45, Jaroslaw Rafa wrote:
> Dnia 22.11.2019 o godz. 11:40:29 Dominic Raferd pisze:
> >
> > The limitations you describe affect SPF but not DMARC because DMARC can
> > rely *either* on SPF *or* on DKIM.
>
> But it probably depends on how the *recipient* configured DMARC ch
Dnia 22.11.2019 o godz. 07:24:03 Richard Damon pisze:
>
> Base SPF works through a traditional forwarder, because the base rules
> for SPF allow the message to pass based on the domain of the Sender:
> header, not just the From:. A proper forwarder will add a Sender: header
> for itself, to indica
Dnia 22.11.2019 o godz. 11:40:29 Dominic Raferd pisze:
>
> The limitations you describe affect SPF but not DMARC because DMARC can
> rely *either* on SPF *or* on DKIM.
But it probably depends on how the *recipient* configured DMARC checking and
the sender can't do anything about it - am I right?
On 11/22/19 6:25 AM, Jaroslaw Rafa wrote:
> Dnia 22.11.2019 o godz. 10:45:42 Wesley Peng pisze:
>> So mailing list makes DKIM or SPF failed?
>>
>> Thank you for your helps.
> My opinion is that the actual problem is that people who invented SPF and/or
> DMARC had wrong assumptions about how email w
On Fri, 22 Nov 2019 at 11:26, Jaroslaw Rafa wrote:
> Dnia 22.11.2019 o godz. 10:45:42 Wesley Peng pisze:
> >
> > So mailing list makes DKIM or SPF failed?
> >
> > Thank you for your helps.
>
> My opinion is that the actual problem is that people who invented SPF
> and/or
> DMARC had wrong assumpt
No. It's how DMARC uses SPF.
Scott K
On November 22, 2019 11:25:47 AM UTC, Wesley Peng wrote:
>Would this list break SPF then? Thanks
>
>On Fri, Nov 22, 2019, at 7:15 PM, Richard Damon wrote:
>> On 11/21/19 11:47 PM, Wesley Peng wrote:
>> > Richard Damon wrote:
>> >> That is a question to ask
Would this list break SPF then? Thanks
On Fri, Nov 22, 2019, at 7:15 PM, Richard Damon wrote:
> On 11/21/19 11:47 PM, Wesley Peng wrote:
> > Richard Damon wrote:
> >> That is a question to ask them. Basically the strict DMARC policy is
> >> designed for transactional email, where spoofing is a re
Dnia 22.11.2019 o godz. 10:45:42 Wesley Peng pisze:
>
> So mailing list makes DKIM or SPF failed?
>
> Thank you for your helps.
My opinion is that the actual problem is that people who invented SPF and/or
DMARC had wrong assumptions about how email works/should work.
They assumed email is a str
On 11/21/19 11:47 PM, Wesley Peng wrote:
> Richard Damon wrote:
>> That is a question to ask them. Basically the strict DMARC policy is
>> designed for transactional email, where spoofing is a real danger. The
>> side effect of it is that addresses on such a domain really shouldn't be
>> used on ma
Hello List,
is there a clean way to optionally present a client certificate to a Postfix
MX configured with
smtpd_tls_received_header=yes
smtpd_tls_ask_ccert = yes
smtpd_tls_CApath=/etc/ssl/certs
without breaking the use of TLS or even the mail delivery to MXes that are
verifying presented cl
On Fri, 22 Nov 2019 at 09:56, Wesley Peng wrote:
> I meant I didn’t get it in my mail.ru inbox. The other providers may or
> may not reject it. Thanks.
>
> On Fri, Nov 22, 2019, at 5:52 PM, Wesley Peng wrote:
>
> Hi
>
> the mail I sent from mail.ru to this list got dropped, I didn’t get the
> mes
I meant I didn’t get it in my mail.ru inbox. The other providers may or may not
reject it. Thanks.
On Fri, Nov 22, 2019, at 5:52 PM, Wesley Peng wrote:
> Hi
>
> the mail I sent from mail.ru to this list got dropped, I didn’t get the
> message I sent.
>
>
> On Fri, Nov 22, 2019, at 4:41 PM, Ni
Hi
the mail I sent from mail.ru to this list got dropped, I didn’t get the message
I sent.
On Fri, Nov 22, 2019, at 4:41 PM, Nick wrote:
> On 2019-11-22 04:21 GMT, Wesley Peng wrote:
> > The email I am using is with domain of mail.ru, which has the
> > strictest DMARC policy setting.
> >
> > S
On Fri, 22 Nov 2019 at 08:42, Nick wrote:
> On 2019-11-22 04:21 GMT, Wesley Peng wrote:
> > The email I am using is with domain of mail.ru, which has the
> > strictest DMARC policy setting.
> >
> > So mailing list like postfix-users doesn't deliver my message to
> > myself on this domain. And goo
On 2019-11-22 04:21 GMT, Wesley Peng wrote:
> The email I am using is with domain of mail.ru, which has the
> strictest DMARC policy setting.
>
> So mailing list like postfix-users doesn't deliver my message to
> myself on this domain. And google groups rewrite the sender address
> to their own ad
Plain old greylisting can yield many false positives, but recent
implementations of milter-greylist for example will not greylist
messages that validates SPF. It helps *a lot*.
The question is: does it only help "a lot", or is the result "zero false
positives"? I personally don't belie
29 matches
Mail list logo