- cross-posted to:
- technology@lemmy.world
- cross-posted to:
- technology@lemmy.world
Email is an open system, right? Anyone can send a message to anyone… unless they are on Gmail! School Interviews uses two email servers t…
Email is an open system, right? Anyone can send a message to anyone… unless they are on Gmail! School Interviews uses two email servers t…
But that is not true at all. Spammers can easily send mail with all proper SPF, DKIM and DMARC records and signatures. A lot of spam is and will be sent like that. Those extensions do not make spam impossible, they just make it easier to track and block.
But this does not change the point of the article – in this case it is a specific domain sending very specific non-spam messages. SPF/DKIM/DMARC prove it is not someone else – GMail has no ground for blocking these (unless were are not told something).
And GMail has been breaking mail for years now. E.g. I hate them for breaking message threading by ignoring threading headers and forcing own view on how messages should be grouped.
How does one send a spam email that passes SPF and DKIM if one doesn’t have access to the DKIM private key, or the DNS server to edit the SPF or DKIM records?
I always just assumed spammers could make a DKIM private key and access a DNS server as easily as any of the rest of us.
You can’t… But you can register a domain and set up your own DKIM key and DNS records and then use it to send spam (until you get blacklisted, anyway). There’s a cost to doing that, though, so it’s less appealing.