Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 234274

Summary: Gentoo.org domain should use DKIM
Product: Gentoo Infrastructure Reporter: Craig Andrews <candrews>
Component: OtherAssignee: Gentoo Infrastructure <infra-bugs>
Status: RESOLVED WONTFIX    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Craig Andrews gentoo-dev 2008-08-08 21:40:03 UTC 
DKIM helps prevent spam, and ensure that mail from Gentoo.org is really from Gentoo.org. It's pretty easy to add - just a DNS record for each mail server, and a little mail server config change.

Reproducible: Always
Comment 1 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2008-08-08 22:57:24 UTC 
No, we have zero requirement for developers to relay their outgoing mail via us.

We have the following SPF records in that regard:
gentoo.org.		1200	IN	TXT	"v=spf1 mx ptr ?all"
lists.gentoo.org.	60	IN	TXT	"v=spf1 mx a:lists.gentoo.org a:pigeon.gentoo.org a:robin.gentoo.org include:gentoo.org -all"

If the mail claims to be from @lists.gentoo.org, then it really is, because all of that mail comes from one of exactly 3 machines. If it claims to be @gentoo.org, then it could be direct, or it could be from any developer directly (using their own ISPs or own systems).