[TUHS] Excessive bouncing ... argh!

Theodore Ts'o tytso at mit.edu
Sun Sep 24 00:12:32 AEST 2017


On Sat, Sep 23, 2017 at 03:05:47AM -0600, Grant Taylor wrote:
> 
> I have leading industry standard email security enabled on my email. Things
> like DKIM and DMARC which are specifically designed to tell receiving email
> servers where email from my domain should come from and what to do with
> email that does not come from my servers.

DMARC is only useful if you are worried about people trying to use
your domain for phishing purposes.  This is more of an issue for
Paypal.com and bankofamerica.com.  In general it's not really an issue
for thunk.org and tnetconsulting.net.

DKIM and SPF are useful if you need to interoperate with big, free
e-mail systems such as Yahoo, AOL, and Google which are *using* DMARC.
Using DKIM and SPF are useful in trying avoid your site from falsely
being accused as being a spammer.

DMARC has no real value, and in fact has negative value, as it means
that when you send e-mail from a DMARC site that causes other people
to be ejected off of mailing lists, the mailing list administrator may
decide that you are actively causing harm to the community, and simply
prevent you from sending mail to the mailing list all.

Other proposed solutions is to have the mailing list software detect
that you are using DMARC, and only having *your* postings munged so
the from field says thus at minnie.tugs.org, instead of
gtaylor at tnetconsulting.net.  That way only people who are using mail
systems with DMARC get their From field munged, instead of punishing
everyone using the mailing list.

						- Ted



More information about the TUHS mailing list