The mailing list for listmasters using Sympa

[Alan Hicks <address@concealed>]

My experience with SPF, DKIM and the combination of the two DMARC, is 
that asking recipient post offices to hard reject mail can be painful, 
but it does stop persistent spammers. It can be easily changed back to a 
more permissive setting after a few days. YMMV

On 24/08/2021 17:14, Kazim Koybasi wrote:
> Hi all,
>
> We are upgrading our sympa server to the latest 6.2.64 version and we 
> want to implement sender spoofing prevention also in sympa since some 
> spammers misuse our private lists addresses with sender spoofing. We 
> protect our private lists server with sender match protection and for 
> increased protection we want to implement  SPF, DKIM and DMARC in our 
> lists server. We enabled DKIM in our test SYMPA server and it works 
> but we do not know how it will behave with DMARC records like p=reject 
> and relaxed alignment.  I have read the documentation but can not be 
> sure whether it automatically rejects dmarc failed messages (SPF, DKIM 
> failure) or we need to implement opendmarc configuration for rejection 
> of messages like that. Thank you for reading.
>
> https://sympa-community.github.io/manual/customize/dmarc-protection.html 
> <https://sympa-community.github.io/manual/customize/dmarc-protection.html>
> https://sympa-community.github.io/manual/customize/dkim-arc.html 
> <https://sympa-community.github.io/manual/customize/dkim-arc.html>
>
> Regards.