Hi,
Since a few weeks now, we're running DMARC for the mailing lists. So far, we've run with the loosest policy possible ("none"). The other options are "quarantine" and "reject".
I'm thinking we'll want mail sent using our domain (common-lisp.net), failing the DMARC checks (failing SPF and/or DKIM), to be quarantined (moved to SPAM) at the very least. I noticed that fastmail is using an even stricter policy ("reject"), but moving straight from "none" to "reject" seems too much (because "reject" prevents delivery; not just moving to SPAM).
This will affect everybody using an @common-lisp.net mail address with their own mail server.
Does this affect anybody on this mailing list? Any comments with respect to the stricter policy?
Regards,
Erik.
I’m not impacted as a user of a @common-lisp.net email address on a different server, but I fully support increasing to quarantine.
— jb On Aug 26, 2024 at 16:31 -0400, Erik Huelsmann ehuels@gmail.com, wrote:
Hi,
Since a few weeks now, we're running DMARC for the mailing lists. So far, we've run with the loosest policy possible ("none"). The other options are "quarantine" and "reject". I'm thinking we'll want mail sent using our domain (common-lisp.net), failing the DMARC checks (failing SPF and/or DKIM), to be quarantined (moved to SPAM) at the very least. I noticed that fastmail is using an even stricter policy ("reject"), but moving straight from "none" to "reject" seems too much (because "reject" prevents delivery; not just moving to SPAM).
This will affect everybody using an @common-lisp.net mail address with their own mail server.
Does this affect anybody on this mailing list? Any comments with respect to the stricter policy?
Regards,
Erik.
Hi Philipp,
On Tue, Aug 27, 2024 at 8:16 AM Philipp Marek philipp@marek.priv.at wrote:
Does this affect anybody on this mailing list? Any comments with respect to the stricter policy?
Thanks for the hard work
My biggest worry is about notifications and error messages to admin@
not arriving
You mean because of the fact that more mails might classified as SPAM on our host?
If that's your worry, I can say that that's not the impact of this setting: the "quarantine" value is read from DNS by hosts processing mail claiming to originate from the @common-lisp.net domain. These processors establish the authenticity of the mail through SPF and DKIM. If the authenticity test fails, the current setting ("none") has no effect on mail delivery. The proposed value ("quarantine") does have effect on mail delivery: the value requests to separate from the regular mail flow. Most mail providers do this by sending those mails straight to SPAM.
Either way, we will receive reports from the big mail processing companies (fastmail, zoho, microsoft, google, ...) describing what they did with mail flow coming from @common-lisp.net. There are applications to process these mails to have (visual) integrated reports; we don't have that software in place at the moment. It would be nice to process the individual reports into a visualization like that. Maybe that's something someone else can work on.
-
Erik Huelsmann -
Jon Boone -
Philipp Marek