Testing updated SPF record
Ming
ming at pgp.cool
Sat Nov 28 04:06:54 UTC 2020
On Sat, Nov 28, 2020 at 03:04:16AM +0000, ಚಿರಾಗ್ ನಟರಾಜ್ wrote:
> 28/11/20 10:33 ನಲ್ಲಿ, Ming <ming at pgp.cool> ಬರೆದರು:
> > On Fri, Nov 27, 2020 at 01:26:06PM +0000, ಚಿರಾಗ್ ನಟರಾಜ್ wrote:
> > > Testing updated record :P
> > >
> > > By the way, if anyone has a better way of testing whether an SPF record is working correctly, please let me know! I don't really want to spam the list with these kinds of emails unless I have to, although I *think* this should work.
> > >
> > > 26/11/20 18:14 ನಲ್ಲಿ, ಚಿರಾಗ್ ನಟರಾಜ್ <mailinglist at chiraag.me> ಬರೆದರು:
> > > > Please ignore. I'm trying to see whether I get tons of DMARC reports after I updated my SPF record on my domain.
> >
> > You can use some free online tools, like:
> > http://www.mail-tester.com/
> > https://dkimvalidator.com/
> >
> > They all include detection of SPF records.
>
> Yes, I can see what the records are using a variety of methods (including those sites). However, it's hard for me to tell if sending emails to this list will trigger DMARC records due to SPF, and those sites don't help with that. Regardless, I *think* this should be fixed after editing my SPF record.
In fact, I think the DMARC problem is unsolvable.
I am running a mail server of my own. In the DMARC report I received,
all the detections of SPF records form the mail forwarded through
mailing list were fail (some dkim records also fail, like
lists.claws-mail.org, it will modify your email subject).
This is an obvious problem. As a forwarder, the mailing list is
"pretending" to be us sending emails (The From field in the mail forwarded
through the mailing list is still us). Add ip address of the
mailing list to your SPF record may solve the problem, but I don’t think
you can add the ip addresses of all mailing lists. Unless you can
guarantee that you will not join new mailing lists, you have to modify
the SPF records frequently.
If you just don’t want to receive tons of DMARC reports, I don’t think
you should set the rua item in your DMARC records. "rua" is used for
aggregate feedback, even if your spf and dkim are both pass in auth
results, they will still send a DMARC reports to you(at least for gmail).
--
OpenPGP fingerprint: 3C47 5977 4819 267E DD64 C7E4 6332 5675 A739 C74E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.mutt.org/pipermail/mutt-users/attachments/20201128/33e830c2/attachment-0001.asc>
More information about the Mutt-users
mailing list