1. Forum
  2. Usenet
  3. LINUX.DEBIAN.USER

  • {OT] Mailing lists etc for postmasters

    From Gareth Evans@21:1/5 to All on Fri Mar 1 02:50:01 2024
    I have somehow only just discovered that Gmail, Apple and Yahoo are introducing, or have recently introduced, DMARC requirements for senders.

    See for exmaple https://www.proofpoint.com/us/blog/email-and-cloud-threats/google-and-yahoo-set-new-email-authentication-requirements

    Can anyone recommend good mailing lists or other resources for people who look after email servers/services? It takes up little of my work, but an area of interest.

    I half expected to be able to find mailing lists for postmasters run by the big email service providers, but ddg was bare.

    Gmail's blog looks more marketingy than anything, but potentially useful https://blog.google/products/gmail/

    I am subscribed to mailop (though don't read it as often as I should!) but from a mail search there doesn't seem to have been anything there about this recently.

    Many thanks,
    Gareth

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From tomas@tuxteam.de@21:1/5 to Gareth Evans on Fri Mar 1 06:50:01 2024
    On Fri, Mar 01, 2024 at 01:42:07AM +0000, Gareth Evans wrote:
    I have somehow only just discovered that Gmail, Apple and Yahoo are introducing, or have recently introduced, DMARC requirements for senders.

    See for exmaple https://www.proofpoint.com/us/blog/email-and-cloud-threats/google-and-yahoo-set-new-email-authentication-requirements

    Can anyone recommend good mailing lists or other resources for people who look after email servers/services? It takes up little of my work, but an area of interest.

    Me too :)

    ISTR that there was a mention of such a thing here in debian-user@,
    but my search-fu hasn't been up to the challenge of finding it.

    OTOH, my memory could be playing games on me.

    Cheers
    --
    t

    -----BEGIN PGP SIGNATURE-----

    iF0EABECAB0WIQRp53liolZD6iXhAoIFyCz1etHaRgUCZeFrEAAKCRAFyCz1etHa RmIRAKCCMVG9Xgp6FP7tX6uG2MKtH9kapQCePHKBbFheflOTnWHPMXP3O8bEsec=
    =Bgln
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco Moock@21:1/5 to All on Fri Mar 1 09:30:01 2024
    Am 01.03.2024 schrieb "Gareth Evans" <donotspam@fastmail.fm>:

    I am subscribed to mailop (though don't read it as often as I
    should!) but from a mail search there doesn't seem to have been
    anything there about this recently.

    That topic has been discussed there, you can find those discussions in
    the archive (you need to be subscribed to read it).

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael Grant@21:1/5 to tomas@tuxteam.de on Fri Mar 1 09:30:01 2024
    ------3GYPAO2QK56NO2ZS9WF7211BG0PIC4
    Content-Type: text/plain;
    charset=utf-8
    Content-Transfer-Encoding: quoted-printable

    https://list.mailop.org/listinfo/mailop

    And the main page
    https://www.mailop.org/


    On 1 March 2024 05:43:44 GMT, tomas@tuxteam.de wrote:
    On Fri, Mar 01, 2024 at 01:42:07AM +0000, Gareth Evans wrote:
    I have somehow only just discovered that Gmail, Apple and Yahoo are introducing, or have recently introduced, DMARC requirements for senders.

    See for exmaple
    https://www.proofpoint.com/us/blog/email-and-cloud-threats/google-and-yahoo-set-new-email-authentication-requirements

    Can anyone recommend good mailing lists or other resources for people who look after email servers/services? It takes up little of my work, but an area of interest.

    Me too :)

    ISTR that there was a mention of such a thing here in debian-user@,
    but my search-fu hasn't been up to the challenge of finding it.

    OTOH, my memory could be playing games on me.

    Cheers
    --
    t

    ------3GYPAO2QK56NO2ZS9WF7211BG0PIC4
    Content-Type: text/html;
    charset=utf-8
    Content-Transfer-Encoding: quoted-printable

    <html><head></head><body><div dir="auto"><a href="https://list.mailop.org/listinfo/mailop">https://list.mailop.org/listinfo/mailop</a><br><br>And the main page <br><a href="https://www.mailop.org/">https://www.mailop.org/</a><br></div><br><br><div class="
    gmail_quote"><div dir="auto">On 1 March 2024 05:43:44 GMT, tomas@tuxteam.de wrote:</div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
    <pre class="k9mail"><div dir="auto">On Fri, Mar 01, 2024 at 01:42:07AM +0000, Gareth Evans wrote:<br></div><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #729fcf; padding-left: 1ex;"><div dir="auto">I have
    somehow only just discovered that Gmail, Apple and Yahoo are introducing, or have recently introduced, DMARC requirements for senders.<br><br>See for exmaple<br><a href="https://www.proofpoint.com/us/blog/email-and-cloud-threats/google-and-yahoo-set-new-
    email-authentication-requirements">https://www.proofpoint.com/us/blog/email-and-cloud-threats/google-and-yahoo-set-new-email-authentication-requirements</a><br><br>Can anyone recommend good mailing lists or other resources for people who look after email
    servers/services? It takes up little of my work, but an area of interest.<br></div></blockquote><div dir="auto"><br>Me too :)<br><br>ISTR that there was a mention of such a thing here in debian-user@,<br>but my search-fu hasn't been up to the challenge
    of finding it.<br><br>OTOH, my memory could be playing games on me.<br><br>Cheers<br></div></pre></blockquote></div></body></html>
    ------3GYPAO2QK56NO2ZS9WF7211BG0PIC4--

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From tomas@tuxteam.de@21:1/5 to Michael Grant on Fri Mar 1 09:50:01 2024
    On Fri, Mar 01, 2024 at 08:19:42AM +0000, Michael Grant wrote:
    https://list.mailop.org/listinfo/mailop

    And the main page
    https://www.mailop.org/

    Thanks abig bunch!
    --
    tomás

    -----BEGIN PGP SIGNATURE-----

    iF0EABECAB0WIQRp53liolZD6iXhAoIFyCz1etHaRgUCZeGU1QAKCRAFyCz1etHa RtJ/AJ4lf2I5nwnB+47PyxvJtI3X0CBk3gCdES8a2Xvlcvbn/i/fHTe8JrmTXUU=
    =rfod
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Smith@21:1/5 to Gareth Evans on Fri Mar 1 10:20:01 2024
    Hi,

    On Fri, Mar 01, 2024 at 01:42:07AM +0000, Gareth Evans wrote:
    I have somehow only just discovered that Gmail, Apple and Yahoo
    are introducing, or have recently introduced, DMARC requirements
    for senders.

    Just for the record, the Authentication part of DMARC is done with
    SPF and/or DKIM; the large mailbox providers actually (since 1 Feb)
    require *either* SPF *or* DKIM passes, or both if you are a bulk
    sender (thousands of mails per day).

    DMARC itself remains optional (but recommended) and once taken
    separately from SPF and DKIM is mainly a reporting mechanism.

    I am subscribed to mailop (though don't read it as often as I
    should!) but from a mail search there doesn't seem to have been
    anything there about this recently.

    This has been discussed at length on mailop since well back in 2023.

    Thanks,
    Andy

    --
    https://bitfolk.com/ -- No-nonsense VPS hosting

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Gareth Evans@21:1/5 to Andy Smith on Fri Mar 1 12:10:01 2024
    On Fri 01/03/2024 at 09:18, Andy Smith <andy@strugglers.net> wrote:

    Just for the record, the Authentication part of DMARC is done with
    SPF and/or DKIM; the large mailbox providers actually (since 1 Feb)
    require *either* SPF *or* DKIM passes, or both if you are a bulk
    sender (thousands of mails per day).

    DMARC itself remains optional (but recommended) and once taken
    separately from SPF and DKIM is mainly a reporting mechanism.

    https://support.google.com/a/answer/81126?hl=en#requirements-5k&zippy=%2Crequirements-for-sending-or-more-messages-per-day%2Crequirements-for-all-senders

    mentions DMARC in requirements for all senders:

    "Don’t impersonate Gmail From: headers. Gmail will begin using a DMARC quarantine enforcement policy, and impersonating Gmail From: headers might impact your email delivery."

    but only explicitly requires it in requirements for senders of >5,000 messages a day:

    "Set up DMARC email authentication for your sending domain ..."

    ...which is not quite as clear as it might be.

    Can a "DMARC quarantine enforcement policy" operate, if the sender doesn't use DMARC? This idea seems to relate more to SPF than anything?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Gareth Evans@21:1/5 to Andy Smith on Fri Mar 1 12:30:01 2024
    On Fri 01/03/2024 at 11:16, Andy Smith <andy@strugglers.net> wrote:
    Hi,

    On Fri, Mar 01, 2024 at 11:00:13AM +0000, Gareth Evans wrote:
    "Don’t impersonate Gmail From: headers. Gmail will begin using a DMARC quarantine enforcement policy, and impersonating Gmail From: headers might impact your email delivery."

    Talks about gmail's own use of DMARC, not the sender's.

    That makes perfect sense :)

    Can a "DMARC quarantine enforcement policy" operate, if the sender
    doesn't use DMARC? This idea seems to relate more to SPF than
    anything?

    gmail's own policy is quarantine so if you send from somewhere that
    isn't gmail, while pretending to be from a gmail property, gmail
    indicates that it wishes¹ for your email to be quarantined by the
    recipient.

    So does that.

    Thanks,.
    Andy

    ¹ Even receiving sites that process DMARC sometimes don't carry out
    the DMARC author's wishes. As a common example that most of us
    will have seen, Mailman mailing lists will often just selectively
    rewrite the headers.

    Yes.

    Thanks very much.
    G


    --
    https://bitfolk.com/ -- No-nonsense VPS hosting

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Smith@21:1/5 to Gareth Evans on Fri Mar 1 12:20:01 2024
    Hi,

    On Fri, Mar 01, 2024 at 11:00:13AM +0000, Gareth Evans wrote:
    https://support.google.com/a/answer/81126?hl=en#requirements-5k&zippy=%2Crequirements-for-sending-or-more-messages-per-day%2Crequirements-for-all-senders

    mentions DMARC in requirements for all senders:

    "Don’t impersonate Gmail From: headers. Gmail will begin using a DMARC quarantine enforcement policy, and impersonating Gmail From: headers might impact your email delivery."

    Talks about gmail's own use of DMARC, not the sender's.

    Can a "DMARC quarantine enforcement policy" operate, if the sender
    doesn't use DMARC? This idea seems to relate more to SPF than
    anything?

    gmail's own policy is quarantine so if you send from somewhere that
    isn't gmail, while pretending to be from a gmail property, gmail
    indicates that it wishes¹ for your email to be quarantined by the
    recipient.

    Thanks,.
    Andy

    ¹ Even receiving sites that process DMARC sometimes don't carry out
    the DMARC author's wishes. As a common example that most of us
    will have seen, Mailman mailing lists will often just selectively
    rewrite the headers.

    --
    https://bitfolk.com/ -- No-nonsense VPS hosting

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Gareth Evans@21:1/5 to Gareth Evans on Fri Mar 1 12:20:01 2024
    On Fri 01/03/2024 at 11:00, Gareth Evans <donotspam@fastmail.fm> wrote:
    This idea seems to relate more to SPF than anything?

    Or DKIM, indeed, as you say Andy, at least one of which is the authentication component.
    Documentation could be clearer.

    Thanks
    G

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)