Skip to Content.
Sympa Menu

cacert-sysadm - Re: Violations in DMARC Aggregate Report

cacert-sysadm AT lists.cacert.org

Subject: CAcert System Admins discussion list

List archive

Re: Violations in DMARC Aggregate Report


Chronological Thread 
  • From: Benny Baumann <benbe AT cacert.org>
  • To: cacert-sysadm AT lists.cacert.org
  • Subject: Re: Violations in DMARC Aggregate Report
  • Date: Sun, 16 Nov 2014 00:32:40 +0100

Hi Mario,

Am 15.11.2014 um 12:00 schrieb Mario Lipinski:
> Hi Uwe,
>
> imho you should not set '-all' for domains you are using for services
> that include mail redirection, such as mailing lists.
>
An even better practice is Sender Rewriting on the part of the mailing
list server, thus the envelope sender of the mail originating from the
mailing list becomes CAcert and thus the CAcert ML SPF records apply.
It's a known problem with SPF deployment but hardly ever addressed anywhere.

> Mario
>
Regards,
BenBE.

> Am 15.11.2014 11:25, schrieb "Disch, Uwe (Disch Engineering™)":
>> the actual setup of the list servers of cacert.org violates DMARC.
>>
>> The list mail servers should not send e-mails for which them not
>> authorized to do so (mainly SPF rule violation). See attachments for
>> more info.
>
>


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature




Archive powered by MHonArc 2.6.18.

Top of Page