[conspire] We fixed antispam!

Rick Moen rick at linuxmafia.com
Tue Mar 25 04:50:16 PDT 2025 

Jamie Zawinski is the monarch of snark.


This is an ongoing thread on Mastodon.


jwz
@jwz at mastodon.social
EN

Taking a stroll through my spam folder, I saw a bunch of legitimate
messages from people and companies with their own domains, that are not
publishing DMARC and SPF records. Surely everyone (and by everyone I
mean Google) is rejecting their mail? How do they not realize this?

Then I noticed that one of them was received *from* gmail, so their mail
probably works fine so long as they only mail gmail users. But another
was via Yahoo, so that doesn't track.
https://jwz.org/b/ykk8



@jwz The stats we collect for the #SpamAssassin project (mass-scan
results from participating sites) have long shown that spammers are more
consistent at making SPF, DKIM, and DMARC correct than are legitimate
senders. DMARC in particular has no discernible benefit for most
senders, so it is a useless signal. 

Rejecting mail based solely on authentication failures of those deeply
flawed authentication methods does more harm than good.






jwz
@jwz at mastodon.social
EN

@grumpybozo Wow, that's amazing. Great job everybody! So glad we spent
so much time implementing all of that crap!






mx alex tax1a - 2020 (5)
@atax1a at infosec.exchange
@jwz @grumpybozo just one more public key in a TXT record, that'll fix
email, just gotta add one more TXT record bro
Mar 23, 2025 at 01:49 PM
··
Web
52
boosts
·
123
favorites






dm
@_dm
EN

@atax1a @jwz @grumpybozo it me






🆘Bill Cole 🇺🇦
@grumpybozo at toad.social
EN

@atax1a @jwz It is a frustration that for DKIM, DMARC, and SPF to be as
trustworthy as possible, one must deploy DNSSEC correctly and defend
one's domain against any threat to its reputation but all the spammers
need to do is buy a cheap domain with any old garbage DNS and get a
handful of records right.






mx alex tax1a - 2020 (5)
@atax1a
EN

@grumpybozo @jwz and don't get us started on how dnssec is
untroubleshootable garbage whose main failure mode is to turn your
entire domain into an unresolvable sinkhole






Bernard Quatermass
@bernardq at ehlo.exim.org
EN

@atax1a @jwz @grumpybozo gotta plan to deal with that, just waiting for
an “imminent” draft to haul its lard-arse over the finish line before we
get active on something useful.

https://code.exim.org/exim/exim/src/branch/master/doc/doc-txt/id-wellknown.txt
Summary card of repository exim/exim
Exim Forgejo
exim/doc/doc-txt/id-wellknown.txt at master
exim - Master Exim source repository






Paul_IPv6
@paul_ipv6
EN

@atax1a @jwz @grumpybozo 

i hear if we just get everyone to have just the right magical number and
size of TXT records, that we will achieve world peace. :D






Hugo Slabbert ⚠️
@hugo at treehouse.systems
EN

@atax1a there is a certain checklist I'm sorely tempted to link to
here...

More information about the conspire mailing list