Subject: The mailing list for listmasters using Sympa
List archive
Re: [sympa-users] Sender address spoofing prevention for SYMPA server
- From: Kazim Koybasi <address@concealed>
- To: Alan Hicks <address@concealed>
- Cc: address@concealed
- Subject: Re: [sympa-users] Sender address spoofing prevention for SYMPA server
- Date: Thu, 26 Aug 2021 18:41:15 +0300
Hi,
Thank you for sharing your experience Alan. I am a little confused about SYMPA DMARC support. SYMPA documentation mostly mentions overcoming dmarc issues with global mail providers ( Yahoo, AOL , Gmail, Hotmail ). As I understand from documentation DMARC protection in SYMPA does not provide spoofing protection for spammers. It only provides workarounds for global mail providers which have DMARC p=reject like records. It seems the only protection for spoofing is dkim authentication verification in the lists. Maybe I am wrong but I only want to learn how I can implement complete DMARC protection in the meaning of spoofing prevention spammers? For example, how can I stop invalid SPF and DKIM senders with SYMPA and valid DMARC records?
Regards.
On Wed, 25 Aug 2021 at 11:46, Alan Hicks <address@concealed> wrote:
My experience with SPF, DKIM and the combination of the two DMARC, is
that asking recipient post offices to hard reject mail can be painful,
but it does stop persistent spammers. It can be easily changed back to a
more permissive setting after a few days. YMMV
On 24/08/2021 17:14, Kazim Koybasi wrote:
> Hi all,
>
> We are upgrading our sympa server to the latest 6.2.64 version and we
> want to implement sender spoofing prevention also in sympa since some
> spammers misuse our private lists addresses with sender spoofing. We
> protect our private lists server with sender match protection and for
> increased protection we want to implement SPF, DKIM and DMARC in our
> lists server. We enabled DKIM in our test SYMPA server and it works
> but we do not know how it will behave with DMARC records like p=reject
> and relaxed alignment. I have read the documentation but can not be
> sure whether it automatically rejects dmarc failed messages (SPF, DKIM
> failure) or we need to implement opendmarc configuration for rejection
> of messages like that. Thank you for reading.
>
> https://sympa-community.github.io/manual/customize/dmarc-protection.html
> <https://sympa-community.github.io/manual/customize/dmarc-protection.html>
> https://sympa-community.github.io/manual/customize/dkim-arc.html
> <https://sympa-community.github.io/manual/customize/dkim-arc.html>
>
> Regards.
-
[sympa-users] Sender address spoofing prevention for SYMPA server,
Kazim Koybasi, 08/24/2021
-
Re: [sympa-users] Sender address spoofing prevention for SYMPA server,
Alan Hicks, 08/25/2021
-
[sympa-users] question about edit_list.conf for a single list,
stefano.antonelli@cnaf, 08/25/2021
- Re: [sympa-users] question about edit_list.conf for a single list, stefano.antonelli@cnaf, 08/25/2021
-
Re: [sympa-users] question about edit_list.conf for a single list,
Giorgio Donnini, 08/25/2021
- Re: [sympa-users] question about edit_list.conf for a single list, stefano.antonelli@cnaf, 08/26/2021
- Re: [sympa-users] Sender address spoofing prevention for SYMPA server, Kazim Koybasi, 08/26/2021
-
[sympa-users] question about edit_list.conf for a single list,
stefano.antonelli@cnaf, 08/25/2021
-
Re: [sympa-users] Sender address spoofing prevention for SYMPA server,
Alan Hicks, 08/25/2021
Archive powered by MHonArc 2.6.19+.