Re: @debian.org mail

To: debian-devel@lists.debian.org
Subject: Re: @debian.org mail
From: Daniel Lange <DLange@debian.org>
Date: Mon, 3 Jun 2019 10:40:26 +0200
Message-id: <[🔎] 160b8de3-fb17-3226-d4c5-6ae1df83ac4e@debian.org>
In-reply-to: <871s0g2y2o.fsf@err.no>
References: <871s0g2y2o.fsf@err.no>

We (debian/DSA) do not provide email hosting. We provide email
forwarding.


DSA should re-evaluate that.

We run into more and more problems sending from @debian.org emailaddresses as the three big players in email ratchet up their anti-spammeasures.

They are hosting a huge share of our users' email and the same forprospective contributors:

<https://daniel-lange.com/archives/150-Google-GMail-continues-to-own-the-email-market,-Microsoft-is-catching-up.html>

The default reply for missing wafer confirmation emails (the softwarerunning debconf19.debconf.org) and missing salsa password reset emailsis "check your Spam folder". Debian.org doesn't have a SPF record somail submitted from such Debian machines is a bit in a limbo.

We have more people registered for DebConf ("the Debian Developers'conference") with @gmail.com than @debian.org addresses.

Mail submitted from DD's private IPs frequently gets flagged as spamregardless of content by all three big players and - if submitted viaIPv6 - refused directly by Google. Microsoft and Yahoo still run theirMXs IPv4 only. But we can expect a similar policy once they add IPv6SMTPs at scale. And they won't warn us up-front.The missing SPF record mentioned above means there is a lot of spamcirculating with @debian.org fake senders and obviously our opensubmission policy on many mailing-lists and @debian.org technicaladdresses also fan out quite some spam. So we're not the best netizenswe could be.

To do better, we should really offer SMTP submission/IMAP services for@debian.org as soon as possible and - after a grace period - publish amx -all SPF record.

Google has added mailly and muffat to their internalhas-no-proper-SPF-policy-whitelist (thank you!). This will obviouslyincrease the problems for people not sending via Debian machines downthe road.Which is why a few people - including me - now route outbound via theseDebian MX machines. That's a work-around for the technically inclinedbut won't really scale.

People have tried mending the gap by offering accounts on their personalinfrastructure to fellow developers (and thanks for that Tollef and others).

We like people to use their @debian.org or @debconf.org email addresswhen reaching out to sponsors and suppliers as this adds (perceived)credibility and (true) visibility. So we should make it easy for peopleto use those email addresses.

Just maintaining the status-quo of email-forwarding only seems past itsuseful life time.


Kind regards,
Daniel

P.S.: I have offered helping to run email services to DSA in the past.

I don't only complain. But DSA has the issue of them having to runcommitted infrastructure in the end. So if - for example - the Salsateam were not wanting to run salsa.debian.org anymore, DSA would end uphaving to add this to their work load. This is why DSA need toprioritize email regardless of who will set it up and run it initially.

Reply to:

Follow-Ups:
- Re: @debian.org mail
  - From: Jonathan Carter <jcc@debian.org>
- Re: @debian.org mail
  - From: Marco d'Itri <md@Linux.IT>
- Re: @debian.org mail
  - From: Sam Hartman <hartmans@debian.org>
- Re: @debian.org mail
  - From: Jonathan Dowland <jmtd@debian.org>
- Re: @debian.org mail
  - From: Graham Inggs <ginggs@debian.org>
- Re: @debian.org mail
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: @debian.org mail
  - From: Bjørn Mork <bjorn@mork.no>

Prev by Date: Re: Buster/XFCE unlock screen is blank
Next by Date: Re: @debian.org mail
Previous by thread: Re: paying people for Debian work (Re: Why do we take so long to realise good ideas
Next by thread: Re: @debian.org mail
Index(es):
- Date
- Thread