On Mon, May 11, 2015 at 03:27:12PM +0200, Charles Nérot wrote: > Lot of thing are done for fighting spam : dnssec, dane, spf, dkim, > dmarc... All of this for "trusting real sender". > Some of them break smtp built in fonctionnality : spf break forwarding [1]. DANE does nothing for spam, there are spammers that pass DNSSEC, DANE, DKIM, SPF. DMARC breaks mailing lists badly for domains with reject as their policy [1].
> If you beleive in spf (gentoo.org have an spf dns entry) , two ways need > to be looked at : > - fixing real sender with SRS [1]. SRS was NEVER approved to an RFC. Does Google actual handle it properly without violating DMARC? > - stop forwarding mail and do POP (gmail can do it) or IMAP from your > favorite (web)mail client. See prior in the thread, that this is NOT feasible for many users. > Dmarc dns entry with report activated can help you understand why google > blacklist you. We are NOT blacklisted. We are throttled, and there is a major difference there. A62D234090F 4425 Mon May 11 17:19:24 bugzilla-dae...@gentoo.org (host gmail-smtp-in.l.google.com[2607:f8b0:400e:c02::1a] said: 421-4.7.0 [2001:470:ea4a:1:214:c2ff:fe64:b2d3 15] Our system has detected 421-4.7.0 an unusual rate of unsolicited mail originating from your IP address. 421-4.7.0 To protect our users from spam, mail sent from your IP address has 421-4.7.0 been temporarily rate limited. Please visit 421-4.7.0 http://www.google.com/mail/help/bulk_mail.html to review our Bulk 421 4.7.0 Email Senders Guidelines. k5si11246054pdl.3 - gsmtp (in reply to end of DATA command)) ${CENSORED}@gmail.com [1] I previously wrote about how this breaks lists: http://robbat2.dreamwidth.org/238457.html -- Robin Hugh Johnson Gentoo Linux: Developer, Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
