Help Re: anti-abuse-wg Digest, Vol 73, Issue 5
Sent from my iPhone
On Dec 19, 2017, at 11:00 AM, anti-abuse-wg-request@ripe.net wrote:
Send anti-abuse-wg mailing list submissions to anti-abuse-wg@ripe.net
To subscribe or unsubscribe via the World Wide Web, visit https://lists.ripe.net/mailman/listinfo/anti-abuse-wg or, via email, send a message with subject or body 'help' to anti-abuse-wg-request@ripe.net
You can reach the person managing the list at anti-abuse-wg-owner@ripe.net
When replying, please edit your Subject line so it is more specific than "Re: Contents of anti-abuse-wg digest..."
Today's Topics:
1. DMARC Solution Applied to this Mailing List (Adam Castle) 2. Re: DMARC Solution Applied to this Mailing List (ox) 3. Re: DMARC Solution Applied to this Mailing List (ox) 4. Re: DMARC Solution Applied to this Mailing List (Gert Doering) 5. Re: DMARC Solution Applied to this Mailing List (ox)
----------------------------------------------------------------------
Message: 1 Date: Mon, 18 Dec 2017 12:29:01 +0100 From: Adam Castle <acastle@ripe.net> To: anti-abuse-wg@ripe.net Subject: [anti-abuse-wg] DMARC Solution Applied to this Mailing List Message-ID: <a2863ca3-d7f8-6b1e-a1db-3fb8c5af8c35@ripe.net> Content-Type: text/plain; charset=utf-8; format=flowed
Dear Working Group,
As more email providers enable Domain Message Authentication Reporting & Conformance (DMARC), some people find they can no longer receive emails from the mailing lists they are subscribed to. We have deployed a Mailman setting change to address this problem.
After consultation with the RIPE Working Group Chairs, we have enabled the DMARC "Munge From" setting on all RIPE mailing lists. This means that if your email service provider has DMARC enabled, you will continue to receive all emails sent to this mailing list, but the "From" part of the header will change. If you don't have DMARC enabled, you won't see any change to the emails you receive from this mailing list.
You can find more information about how we have been handling DMARC in the following RIPE Labs articles:
https://labs.ripe.net/Members/adam_castle/dmarc-and-the-ripe-ncc
https://labs.ripe.net/Members/adam_castle/ripe-mailing-lists-and-dmarc
To ensure all working group participants are aware of the changes, I am sending this mail to all working groups. If you have any questions or encounter any issues on this mailing list, please let me know.
Many thanks.
Adam Castle Web Services Manager RIPE NCC
------------------------------
Message: 2 Date: Mon, 18 Dec 2017 14:16:43 +0200 From: ox <andre@ox.co.za> To: Adam Castle <acastle@ripe.net> Cc: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] DMARC Solution Applied to this Mailing List Message-ID: <mailman.4.1513681201.2983.anti-abuse-wg@ripe.net> Content-Type: text/plain; charset=US-ASCII
Hi Adam,
Please enlighten me why RIPE does not support publish any SPF records?
I do see the RRSIG, so am keen on understanding why RIPE supports DMARC and no SPF?
Andre
-- dig TXT ripe.net ; <<>> DiG 9.9.9-P1 <<>> TXT ripe.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25373 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;ripe.net. IN TXT
;; AUTHORITY SECTION: ripe.net. 299 IN SOA manus.authdns.ripe.net. dns.ripe.net. 1513415885 3600 600 864000 300
On Mon, 18 Dec 2017 12:29:01 +0100 Adam Castle <acastle@ripe.net> wrote:
Dear Working Group,
As more email providers enable Domain Message Authentication Reporting & Conformance (DMARC), some people find they can no longer receive emails from the mailing lists they are subscribed to. We have deployed a Mailman setting change to address this problem.
After consultation with the RIPE Working Group Chairs, we have enabled the DMARC "Munge From" setting on all RIPE mailing lists. This means that if your email service provider has DMARC enabled, you will continue to receive all emails sent to this mailing list, but the "From" part of the header will change. If you don't have DMARC enabled, you won't see any change to the emails you receive from this mailing list.
You can find more information about how we have been handling DMARC in the following RIPE Labs articles:
https://labs.ripe.net/Members/adam_castle/dmarc-and-the-ripe-ncc
https://labs.ripe.net/Members/adam_castle/ripe-mailing-lists-and-dmarc
To ensure all working group participants are aware of the changes, I am sending this mail to all working groups. If you have any questions or encounter any issues on this mailing list, please let me know.
Many thanks.
Adam Castle Web Services Manager RIPE NCC
------------------------------
Message: 3 Date: Mon, 18 Dec 2017 14:23:06 +0200 From: ox <andre@ox.co.za> To: Adam Castle <acastle@ripe.net> Cc: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] DMARC Solution Applied to this Mailing List Message-ID: <mailman.5.1513681201.2983.anti-abuse-wg@ripe.net> Content-Type: text/plain; charset=US-ASCII
I just realised that my question is confusing :)
I mean
RIPE does not have dmarc or spf (but does dnssec) so, for me, my spam filters score points on lack of SPF or even hard bounce on wrong SPF
RIPE emails (from the mailing list) attracts points - for not having SPF
So, more directly, I am asking if it is possible to add SPF even with a "~" is fine?
Andre
On Mon, 18 Dec 2017 14:16:43 +0200 ox <andre@ox.co.za> wrote:
Hi Adam,
Please enlighten me why RIPE does not support publish any SPF records?
I do see the RRSIG, so am keen on understanding why RIPE supports DMARC and no SPF?
Andre
-- dig TXT ripe.net ; <<>> DiG 9.9.9-P1 <<>> TXT ripe.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25373 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;ripe.net. IN TXT
;; AUTHORITY SECTION: ripe.net. 299 IN SOA manus.authdns.ripe.net. dns.ripe.net. 1513415885 3600 600 864000 300
On Mon, 18 Dec 2017 12:29:01 +0100 Adam Castle <acastle@ripe.net> wrote:
Dear Working Group,
As more email providers enable Domain Message Authentication Reporting & Conformance (DMARC), some people find they can no longer receive emails from the mailing lists they are subscribed to. We have deployed a Mailman setting change to address this problem.
After consultation with the RIPE Working Group Chairs, we have enabled the DMARC "Munge From" setting on all RIPE mailing lists. This means that if your email service provider has DMARC enabled, you will continue to receive all emails sent to this mailing list, but the "From" part of the header will change. If you don't have DMARC enabled, you won't see any change to the emails you receive from this mailing list.
You can find more information about how we have been handling DMARC in the following RIPE Labs articles:
https://labs.ripe.net/Members/adam_castle/dmarc-and-the-ripe-ncc
https://labs.ripe.net/Members/adam_castle/ripe-mailing-lists-and-dmarc
To ensure all working group participants are aware of the changes, I am sending this mail to all working groups. If you have any questions or encounter any issues on this mailing list, please let me know.
Many thanks.
Adam Castle Web Services Manager RIPE NCC
------------------------------
Message: 4 Date: Mon, 18 Dec 2017 16:46:37 +0100 From: Gert Doering <gert@space.net> To: ox <andre@ox.co.za> Cc: Adam Castle <acastle@ripe.net>, anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] DMARC Solution Applied to this Mailing List Message-ID: <20171218154637.GV45648@Space.Net> Content-Type: text/plain; charset="us-ascii"
Hi,
On Mon, Dec 18, 2017 at 02:16:43PM +0200, ox wrote: Please enlighten me why RIPE does not support publish any SPF records?
I do see the RRSIG, so am keen on understanding why RIPE supports DMARC and no SPF?
Adam did not state RIPE NCC would "support DMARC". DMARC is full of shit.
What the RIPE NCC does is "activate workarounds to avoid mailing list issues caused by other people running their domain with p=reject".
Gert Doering -- APWG chair -- have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
participants (1)
-
Ervin Radosavlevici