Pegasus Mail & Mercury

Welcome to the Community for Pegasus Mail and
The Mercury Mail Transport System, the Internet's longest-serving PC e-mail system!
Welcome to Pegasus Mail & Mercury Sign in | Join | Help
in
Home Blogs Forums Downloads Pegasus Mail Overview Mercury Overview Wiki

Future of DKIM/DMARC in Mercury? Sharing some thoughts...

Last post 11-05-2019, 16:48 by Tim W Young. 2 replies.
Sort Posts: Previous Next
  •  07-26-2016, 22:40

    • question is not online. Last active: 07-27-2016, 23:37 question
    • Not Ranked
    • Joined on 06-14-2016
    • Member
    • Points 45

    Future of DKIM/DMARC in Mercury? Sharing some thoughts...

    I share Mr. Harris opinion regarding SPF already mentioned in this forum, and I also not a big friend of DKIM or any new technology that swears to combat spam effectively. However, we were forced to publish a SPF-Record to get our mails sent to some important ESPs.

    Since we had to move our physical IP to a new one  (besides lots of software updates)  we had some new delivery issues. Curiously we hadn't that kind of problems before, maybe we had a whitelisted IP because of its reputation before. Really can't say. Very sad that black/whitelisting at ESPs is usually based on IP (not FQDN). So we had to adopt some things, such as registering at postmaster-tool-pages,  adopting Feedback Loops etc. Today it is very necessary to have upated/clean sender-address-lists (the ones that don't get 550 mailboxes unknown errors or doesn't get junk-complaints) to maintain high quality email delivery.

    Doing all that postmaster-stuff we came across lots of informations about implementing DKIM for senders Authentication. Here some examples:

    To get a Spamrate or FBL insight of Gmail, mails have to be DKIM-signed:
    https://support.google.com/mail/answer/6258950#empty

    MSN is also forcing DKIM (see "AUTHENTICATION"):
    https://mail.live.com/mail/junkemail.aspx

    Yahoo (see "Always make sure your emails include DKIM authenticated signature"):
    https://help.yahoo.com/kb/postmaster/overview-industry-standards-practices-sln3435.html

    https://help.yahoo.com/kb/SLN3438.html

    Most of them still are recomendations, but it seems very likely now that DKIM is being widely adopted. As I've said before, I am not a big fan of all that new technologies claiming to be the best solution combating  mail spam/abuse, but also because I know it will cause more overhead to whatever MTA being used. But it seems that this feature will be needed some time soon. Are there any plans adding this feature in mercury (in particular in the MercuryC SMTP Client)?

     Thanks for any insights.

     

  •  08-06-2016, 3:53

    • jbanks is not online. Last active: 11-11-2019, 22:34 jbanks
    • Top 50 Contributor
    • Joined on 06-09-2007
    • Prince Edward Island, Canada
    • Member
    • Points 1,305

    Re: Future of DKIM/DMARC in Mercury? Sharing some thoughts...

    Personally I'm in favour of SPF.  I published my spf record and like the fact that no can pretend to be my domain and send mail to MS, gmail, yahoo, etc.   I wish David Harris would support it as well. That's up to him but I like it.  Right now I accomplish sort of the same thing by making content rules that number 1 give a score of 51 to any email that uses a bank domain and then I have another rule that cancels it out.  It's not as perfect as SPF and takes a lot of work but is worth the effort.  I have to look up all the ip's each bank uses.

    if header "from" matches "*@scotiabank.com*" weight 51
    if header "received" matches "*scotiabank.com (199.166.13.* by mercurymailsystem.ca*" weight -499 tag "real-scotiabank acct"

     SPF would accomplish all this for me with no work on my part.

     

    No solution will get rid of all spam but using every tool you can will cut out about 99.99% 

    I use spamhalter which I am quite happy with but it doesn't catch everything
    most of the stuff it misses are caught by my content rules.
    I also use sorbs and spamhause blacklists which cut out a lot of spam before it even hits me
    oh and I also have a rather extensive transflt.mer file that stops thousands of messages with things like
    blocking any server that helo's as either my servers name or ip address, or fake msn or google servers.

    SPF would just be something else that might just get me to 100%

    I don't think SPF purports to cut out all spam but it is very effective at identifying a lot of it with no false positives and it does it for probably most of the really important domains (banks,etc)

     

     

     

    Filed under:
  •  11-05-2019, 16:48

    Re: Future of DKIM/DMARC in Mercury? Sharing some thoughts...

    I'm also glad to be able to use SPF and DMARC.  I also hope to use DKIM, once it's supported by Mercury.  My server has always had a great reputation, with optimal/hardened settings.  Nevertheless, my users' email has still often been erroneously marked as spam in other systems, hence I've implemented SPF and DMARC.  It would be great to be able to add DKIM to that to further reduce the false-positives.
View as RSS news feed in XML

Contact | Advertise | Host provider: PraktIT | Terms of Use | Privacy Statement
Copyright © 2007-2011 David Harris / Peter Strömblad. | Pegasus Mail Home Page