23 Sep
2017
23 Sep
'17
4:12 p.m.
On Sat, Sep 23, 2017 at 03:05:47AM -0600, Grant Taylor wrote:
I have leading industry standard email security enabled on my email. Things
like DKIM and DMARC which are specifically designed to tell receiving email
servers where email from my domain should come from and what to do with
email that does not come from my servers.
DMARC is only useful if you are worried about people trying to use
your domain for phishing purposes. This is more of an issue for
Paypal.com and bankofamerica.com. In general it's not really an issue
for thunk.org and tnetconsulting.net.
DKIM and SPF are useful if you need to interoperate with big, free
e-mail systems such as Yahoo, AOL, and Google which are *using* DMARC.
Using DKIM and SPF are useful in trying avoid your site from falsely
being accused as being a spammer.
DMARC has no real value, and in fact has negative value, as it means
that when you send e-mail from a DMARC site that causes other people
to be ejected off of mailing lists, the mailing list administrator may
decide that you are actively causing harm to the community, and simply
prevent you from sending mail to the mailing list all.
Other proposed solutions is to have the mailing list software detect
that you are using DMARC, and only having *your* postings munged so
the from field says thus(a)minnie.tugs.org, instead of
gtaylor(a)tnetconsulting.net. That way only people who are using mail
systems with DMARC get their From field munged, instead of punishing
everyone using the mailing list.
- Ted