Author: Todd Lyons Date: To: Michael J. Tubby B.Sc. MBCS G8TIC CC: Exim User List Subject: Re: [exim] Help sought with fairly complex DKIM set up and Facebook
On Fri, Feb 28, 2014 at 7:28 AM, Todd Lyons <tlyons@???> wrote:
> You may want to consider implementing DANE, which combines SPF and
Ugh, I meant DMARC!
I am so sorry. I have been working with DANE for a few days and the
wrong acronym flew out of my fingers.
> DKIM. If either SPF or DKIM passes. Your logging clearly indicates
> that the SPF is passing, so those emails would be accepted based on
> DANE instead of rejected based on DKIM.
*DMARC*
>>>> * do I really need to whitelist facebook as a broken DKIM sender to get
>>>> their mail in?
> I think DANE could be the ultimate solution to your problem.
*DMARC*
> But having said that, it would be best to figure out WHY a specific
> sender is failing. Temporarily change the deny to a warn and save a
> few of those messages. If you could send one or more of those
...which is what Phil was describing with the extra router with
"unseen" to save a copy of the message.
...Todd
--
The total budget at all receivers for solving senders' problems is $0.
If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine