[SAC] [OSGeo] #2475: OSGeo mail server on DNS blocklist
OSGeo
trac_osgeo at osgeo.org
Tue Dec 8 19:56:39 PST 2020
#2475: OSGeo mail server on DNS blocklist
-----------------------------------+------------------------
Reporter: Jeff McKenna | Owner: jsanz
Type: task | Status: new
Priority: critical | Milestone: Unplanned
Component: Mails & Mailing Lists | Resolution:
Keywords: mailman |
-----------------------------------+------------------------
Changes (by robe):
* priority: normal => critical
Comment:
Flipping this to critical as people have been complaining to me about it
from gdal-dev and libtiff.
As I mentioned to in email which is not on this ticket. Mailman provides
these possible fixes
https://wiki.list.org/DEV/DMARC
So sounds like we need to munge the FROM (I guess somehow leaving out the
identity of the person who posted the message) so that their domain
doesn't report back with "OSGEO can't send mail on behalf"
{{{
> >>> ARC-Authentication-Results: i=1; mx.google.com;
> >>> dkim=neutral (body hash did not verify) header.i=@mapbox.com
> >>> header.s=google header.b=UDqlMKw4;
> >>> spf=pass (google.com: domain of
> >>> gdal-dev-bounces at lists.osgeo.org designates 140.211.15.3 as
> >>> permitted
> >>> sender) smtp.mailfrom=gdal-dev-bounces at lists.osgeo.org;
> >>> dmarc=fail (p=REJECT sp=REJECT dis=QUARANTINE)
> >>> header.from=mapbox.com ...
}}}
As far as I can tell, the issue arises if a domain we are sending on
behalf for has dmarc check turned on. It may also depend on the receiving
end to verify the dmarc check, not sure all providers do or not. It's a
non-issue if dmarc check required is not enabled on the "on behalf of"
domain.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2475#comment:27>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
More information about the Sac
mailing list