Hacker News new | past | comments | ask | show | jobs | submit login

I don't use gmail. Regardless, the notifications aren't emails. I have configured my DMARC record to request that policy violations are reported to Postmark and every few weeks I get an email from them summarizing the reports they have received.

There are basically 0 violations, until I mail the Debian BTS or a mailing list, whereupon there are dozens. So it could be a problem at my end, Debian's end, or maybe downstream of Debian (e.g., if mail for foo@debian.org is forwarded on to someone else who has a misconfigured email setup...)

Regardless, my DMARC record has p=none so these reports are informational only. On the other hand, it's basically the reason I've never gotten around to changing it to p=reject...




If you have your DMARC set up right, anyone else who tries to send email using your domain as the "from" address will trigger a DMARC violation. It may be that having your address on a public mailing list triggers spammers to try using your domain.


Many mailing list software returns header information (including, most importantly, From header) while making some modifications to the message (e.g., adding a footer or prepending some text to the Subject header).

A lot of owners reconfigured said software to rewrite the From header since Yahoo changed their DMARC policy to a hard fail and broke quite a lot of mailing lists in doing so, as the resulting backscatter caused the software to unsubscribe people from the mailing list when delivery failed if someone sent a message from their Yahoo account.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: