Re: Gmail bounce unauthenticated @debian.org addresses

To: "LeJacq, Jean Pierre" <jeanpierre.lejacq@quoininc.com>, debian-devel@lists.debian.org
Subject: Re: Gmail bounce unauthenticated @debian.org addresses
From: Baptiste Beauplat <lyknode@cilg.org>
Date: Fri, 4 Mar 2022 15:45:21 +0100
Message-id: <[🔎] 2480c3d2-7502-8d41-7ec2-ae1baad5be90@cilg.org>
In-reply-to: <[🔎] 3389834.UsjPSZ9t33@qipf1y4mle>
References: <[🔎] 06bc6f3a-fa03-2b5e-a2b5-543c5973be60@cilg.org> <[🔎] YiIWslWuyJgHKIk+@shell.thinkmo.de> <[🔎] 06a42cf4-609e-b037-62c4-f273baccd3f1@cilg.org> <[🔎] 3389834.UsjPSZ9t33@qipf1y4mle>

On 3/4/22 15:41, LeJacq, Jean Pierre wrote:
> Google uses a number of criteria when blocking. A missing DKIM is just one. 
> See the referenced document:
> 
> https://support.google.com/mail/answer/81126
> 
> One of the problems here is that mentors.debian.net does not have the standard 
> email security DNS records  - SPF, DKIM, DMARC, MTA-TLS, DANE. This doesn't 
> automatically cause Google to classify as spam but we really should have these 
> in place to protect email.
> 
> As an example, we may be spoofing mentors.debian.net with wv-debian-
> mentors1.wavecloud.de (not 100% clear with the headers provided). SPF could 
> handle this.

Indeed we are looking into it for mentors.

However for SPF, if I'm not mistaken, this is not possible for
@debian.org addresses since Debian does not offers an MSA and therefor
not a single (or enumerable list of) exit point.

-- 
Baptiste Beauplat - lyknode

Reply to:

Follow-Ups:
- Re: Gmail bounce unauthenticated @debian.org addresses
  - From: Ansgar <ansgar@debian.org>
- Re: Gmail bounce unauthenticated @debian.org addresses
  - From: "LeJacq, Jean Pierre" <jeanpierre.lejacq@quoininc.com>

References:
- Gmail bounce unauthenticated @debian.org addresses
  - From: Baptiste Beauplat <lyknode@cilg.org>
- Re: Gmail bounce unauthenticated @debian.org addresses
  - From: Bastian Blank <waldi@debian.org>
- Re: Gmail bounce unauthenticated @debian.org addresses
  - From: Baptiste Beauplat <lyknode@cilg.org>
- Re: Gmail bounce unauthenticated @debian.org addresses
  - From: "LeJacq, Jean Pierre" <jeanpierre.lejacq@quoininc.com>

Prev by Date: Re: Gmail bounce unauthenticated @debian.org addresses
Next by Date: DKIM and Exim (was Re: Gmail bounce unauthenticated @debian.org addresses)
Previous by thread: Re: Gmail bounce unauthenticated @debian.org addresses
Next by thread: Re: Gmail bounce unauthenticated @debian.org addresses
Index(es):
- Date
- Thread