Request: Please sign this list's messages via DKIM or SPF
lists at binarus.de
Tue Apr 5 11:00:38 EDT 2016
On 05.04.2016 09:34, lst_hoe02--- via Info-cyrus wrote:
> The "we generally have to reject all messages which are not secured by SPF or DKIM" mean you want to force others to use non standard headers so in fact you are breaking SMTP RFC.
I think we don't. At least SPF works without additional headers in the messages.
Furthermore, I still can't see how we would break RFCs even if we would "force" people to use the DKIM header (in fact, we are not forcing anybody to do so, because we let messages pass which have at least *one* of SPF or DKIM passed): The RFCs nowhere say that every MTA MUST accept ANY message regardless of the sender, connecting server etc. On the contrary, the RFCs explicitly name mechanisms (e.g. DSNs) which should be used if a message cannot be delivered to its recipient, and people are rejecting messages (and returning appropriate DSNs) according to their own policies for decades now.
If you are saying that not accepting *all* messages means breaking the RFCs, I disagree.
What I exceptionally like about the way we have implemented the SPF and DKIM checks is that the sender gets informed about the problem because he will receive an appropriate DSN containing a polite message which explains the problem. In summary, I am convinced that our MTA's behavior conforms with the RFCs.
> It is your server so your rules, but don't complain if other do not agree with you.
I promise I won't :-)
More information about the Info-cyrus