#Google no longer accepts unauthenticated email (that doesn’t pass either #spf or #dkim).
I suppose I can start doing that on my mail server as well now.
https://www.spamresource.com/2023/09/gmail-now-rejecting-unauthenticated-mail.html
#dkim
It took way too long, but my #ChatOps quest continues. Today I finished adding #Matrix support to my #Dovecot Sieve scripts, so that things like #DKIM and MTA-STS TLS reports could go to a matrix chat channel rather than sitting in a mail folder. Basically I now have an email 👉️ matrix bridge.
It took a fair amount of fussing about, mostly because (a) it takes matrix commander (a Matrix CLI) a long time to post a message to Synapse (read: more than ten seconds), (b) Dovecot’s documentation for altering settings for external scripts is byzantine, and (c) rather than cramming matrix commander into my already bloated Dovecot #Docker image I wanted to use the Docker image they provide, and I needed to work out a way to invoke matrix-commander from another container on the same pod.
But now it’s done, and I have another vector for #admin alerts that I can coalesce into a single place for easy review.
Damn. Looks like Google is going to enforce DMARC for email sent to Gmail now for even more sites than ever before.
DMARC is a combination of a dodgy message signing scheme (DKIM) combined with an entirely stupid and misguided way of trying to advertise the valid origins for a domain's email (SPF).
This may help cut down spam a wee bit, though I doubt it (most spam I still see is DKIM signed at least any may even be fully DMARC compliant)
However it's also going to bounce a lot of legitimate email in the near term.
Unfortunately they are not considering PGP-signed messages as "authenticated".
Je recherche de l' #aide pour utiliser #SPF et "valider" mais #email
car j'en ai marre d'être tout le temps marqué comme spam ...
J'ai vérifié que mon domaine n'était pas pourri avec ce site : http://www.mxtoolbox.com/blacklists.aspx
Spoiler : tout va bien.
J'ai trouvé cette aide : https://qastack.fr/server/369460/what-are-spf-records-and-how-do-i-configure-them
Ce configurateur : https://www.spfwizard.com/
L'aide de mon hébergeur : https://docs.gandi.net/fr/noms_domaine/faq/type_enregistrements_dns/spf_record.html
L'aide Google : https://support.google.com/mail/answer/9981691?visit_id=637841344211415206-3188000914&rd=1
Je voudrai être sur de la syntaxe qui pour le moment me parait obscur.
Voici ce que j'ai compris: dans la zone DNS de mon domaine, je dois rajouter une entrée DNS sous forme TXT avec les instructions SPF. Est-ce juste cela ? o.O?
Question annexe, avantage de SPF par rapport à #DKIM ?
● NEWS ● #uniToronto ☞ Some things on strict and relaxed #DKIM alignment in #DMARC https://utcc.utoronto.ca/~cks/space/blog/spam/DMARCAndDKIMAlignment
● NEWS ● #uniToronto ☞ Notes on using #DKIM in a #DMARC world https://utcc.utoronto.ca/~cks/space/blog/spam/DKIMWithDMARCNotes
If a domain signs its outgoing mails with #DKIM but does not publish the corresponding pubkey in the DNS - is there a canonical way how to handle those mails on the receiving mail server?
● NEWS ● #SimonAndrews #Standards #DKIM ☞ I figured out how #DMARC works, and it almost broke me https://simonandrews.ca/articles/how-to-set-up-spf-dkim-dmarc