[vox-tech] dkim on vox-tech
Bill Broadley
bill at broadley.org
Fri Apr 29 18:30:22 PDT 2016
On 04/29/2016 09:48 AM, Brian E. Lavender wrote:
> I talked to one our members and he said he didn't get a message
> fromt he vox-tech list that he sent.
Common, many lists and mail servers suppress email from yourself. To
not do so risks infinite loops from broken vacation messages and the like.
> He has a gmail account.
> I have a mail server I manage that is connected to Comcast business
> and I had to implement dkim on outbound messages so that they would
> make it to gmail. I wonder if we need to put dkim on the vox mailing
> list?
In my experience adding DKIM or not, doesn't change much. Gmail does
add a nice little green ball with a "signed by: <mailserver>", but it
doesn't effect spam scores and the like much or at all.
With all that said I think DKIM is useful, but mailing lists have to
decide to do one of:
A) not touch any headers DKIM decides to sign, like for instance the
subject line and signature.
B) resign all message from dkim.
I like the later option since (IMO) the mailing list should verify
incoming email, apply anti-virus, and anti-spam. Then if it passes all
that it should resign. That way all subscribers can be sure it's
actually email from the list not a forgery that looks like it's from the
list.
Sadly email is pretty much a lost cause for security, privacy, and
authenticity. If you do a really good job of it, it's not really email
anymore.
More information about the vox-tech
mailing list