Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 601750

Summary: SPF policies review: handling of SPF failures
Product: Gentoo Infrastructure Reporter: Robin Johnson <robbat2>
Component: Mailing ListsAssignee: Gentoo Infrastructure <infra-bugs>
Status: CONFIRMED ---    
Severity: normal CC: mjo
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2016-12-06 00:04:32 UTC 
TODO:
- Review handling of incoming mail to lists.gentoo.org for SPF compliance.
- Decision on non-pass match of @gentoo.org email.
  - Be mindful of ~all records vs -all.

Proposed actions:
- strongly encourage all developers to either relay or add their own SPF rules with a strict '-all' policy.
- Deploy qpsmtpd for programmatic customization in SPF validation on lists.g.o
-- be very strict about mail from @*.gentoo.org
-- potential policy: require GPG against known LDAP keys || strict SPF.