[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20190806131925.GC4527@sirena.org.uk>
Date: Tue, 6 Aug 2019 14:19:25 +0100
From: Mark Brown <broonie@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Liam Girdwood <lgirdwood@...il.com>,
lkml <linux-kernel@...r.kernel.org>,
Konstantin Ryabitsev <mricon@...nel.org>
Subject: Re: [GIT PULL] regulator fixes for v5.3
On Mon, Aug 05, 2019 at 11:42:29AM -0700, Linus Torvalds wrote:
Adding Konstantin.
> these got marked as spam once again, because
>
> dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org
>
> and I think it's because you have
>
> DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
> d=sirena.org.uk;
>
> but then you have
>
> From: Mark Brown <broonie@...nel.org>
>
> so the DKIM signature is all correct, but it's correct for
> sirena.org.uk, not for the sender information..
Well, AFAICT this is your mail provider deciding to impose their own
requirements on things. (and for clarity it's only the From: that has
kernel.org, the envelope sender has sirena.org.uk.)
The DKIM signature there says that the sirena.org.uk systems are
asserting that they take responsibility for the headers they sign, this
is true and says nothing about the content of those headers other than
you can tell if they were modified since leaving sirena.org.uk. The
DMARC check is a separate one based on the domain reported in the
address, kernel.org has one which explicitly advertises having no policy
and only filtering 1% of outbound mail so shouldn't really mean anything
for processing. DMARC can flag that there has to be a DKIM signature
from the domain in the headers but kernel.org doesn't do that.
We *do* have a SPF record for kernel.org which I think isn't helping
since it flags all hosts as being SOFTFAIL (the last match is ~all)
which is supposed to be something along the lines of accept but flag, I
can see your provider deciding that spam is the appropriate tag there.
As far as I can see that'd also flag mail sent by things like the
patchwork tracker bot similarly (it sends from mail.kernel.org which
isn't advertised as a sender).
I suspect Google will only be happy if I inject mail through them,
possibly also if I filter kernel.org mail to redirect via kernel.org
though that might still trip them up.
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists