On Thu, Jan 14, 2016 at 08:56:52PM -0500, Jason White wrote:
Russell Coker via luv-main <luv-main@luv.asn.au> wrote:
On Fri, 15 Jan 2016 09:52:30 AM Tony Langdon via luv-main wrote:
Facebook is now compelling sysadmins to use SPF or DKIM. This isn't going to go away. It's only a matter of time before Internode starts using DKIM to placate Facebook.
Looks like it's a case of having to follow suit., like it or not.
well, SPF is fine. no problem with that. DKIM is an ill-conceived abomination. It actually cares about the *headers* in a message rather than the **envelope*. To an MTA, headers are irrelevant, they're just comments....what matters is the envelope sender address and the envelope recipient address. And worse, DKIM cares about the From: header rather than the Sender: header. This is just broken in every possible way.
Yes. I'd appreciate it if people would stop acting like I'm doing something I want to do here. I just want mail to go through reliably and I'm doing what is necessary to achieve that goal.
unfortunately, you stil haven't impleemnted the minimum-damage option that only munges posts that are sent by users from domains that implement DKIM (like google or yahoo), and leaves other mail alone. it's not like anyone ever posts from those domains to our lists anyway. which is one of the more annoying things about this issue - the configuration messes things up for active participants on the list, and it doesn't even provide any benefit to the lurkers who never say or contribute anything. That's entirely the wrong thing to do. those who contribute may well stop bothering if they get annoyed enough, and non-contributors won't step forward to replace them...if they were inclined to, they'd already be posting. driving away those who write the posts (that both they and the lurkers read) is self-defeating.
Widespread use of DMARC will result in changes to well established conventions.
IMO it's an attempt by major corporate players to completely take over email so that no email is ever sent that they don't get a copy of to examine and index and use to build up profiles on individuals. and to sell to the NSA etc of course. Message forgery is a solved problem. SPF works. DKIM is a) overkill and b) unnecesary. If individual senders need more identity verification than SPF, there are numerous encryption and signing options available....with support built in to many MUAs.
I don't personally object to having the list server rewrite the "From" field and add a "Reply-to" header that designates the original sender; but some people have needs which differ from mine, and for them it can be an inconvenience.
NO! those who refuse to learn from history are doomed to repeat the same damned stupid mistakes. This issue was settled definitively in the 90s. Mailing lists should *never*, under any circumstances, mess with the Reply-To header. That belongs solely to the original sender. Lists have several alternatives they can use, including Mail-Followup-To: and List-Post: and Lists shouldn't mess with the From: header, either. No matter what corporate vermin demand. WGAF what facebook wants? how many emails from luv lists ever go to facebook? craig -- craig sanders <cas@taz.net.au>