Hi Jeremy, On Thu, Jan 04, 2024 at 03:11:59PM +0000, Jeremy Stanley wrote: > On 2024-01-04 15:54:28 +0100 (+0100), Daniel Gröber wrote: > > could this rewrite scheme be applied only for recipients where it's > > absolutely necessary? > > Unfortunately no. It *used* to be a popular assumption that you could > look at the published DKIM/DMARC policies [...] but [...] Gmail decided > to treat messages from its own users more strictly than the policy it > publishes for them in DNS. And since Gmail does custom domain hosting > too, you can't simply limit the workaround to treating their well-known > domain specially. Given its popularity (near ubiquity) as a freemail > provider these days, Any good reason we cannot look at the MX domain (or in the worst case) ASN associated with mailserver IP to special case particularly offensive implementations such as this if looking at the DMARC policy works in the average case? > telling users they'll have to get an address somewhere else to interact > with the BTS is unlikely to end well either. That's certainly not something I'd advocate for. I want us to minimize the PITA for the technically literate without sacrifising general usability. --Daniel
Attachment:
signature.asc
Description: PGP signature