e-mail client

kpedersen

Son of Beastie

Reaction score: 2,163
Messages: 3,005

Implementing SPF, DKIM and DMARC is no necessity. You can run your own MTA quite fine without it.
[...]
if an email pretending to come from your domain is indead valid, or fake and therefore mostly spam.

You certainly do need them if you want to have any hope that your emails you send will get through to anyone.
 

hruodr

Aspiring Daemon

Reaction score: 283
Messages: 896

It is not difficult to implement them and in any case a good idea.
 

hardworkingnewbie

Active Member

Reaction score: 236
Messages: 240

You certainly do need them if you want to have any hope that your emails you send will get through to anyone.
My experience is that most MTAs don't care about it. But since the few ones with user base in hundred of millions do, you better should have it because the chance somebody wants to send an email to there is high enough.
 

Zirias

Son of Beastie

Reaction score: 1,701
Messages: 2,870

Implementing SPF, DKIM and DMARC is no necessity. You can run your own MTA quite fine without it.
Sure you can, but
Having them though might increase the possibility that the big players in the email game, so Hotmail/Outlook, Gmail and Yahoo will accept your mails just as is.
this is an understatement. Most sites have some kind of spam filtering that also expects these things. The "big players" are especially rigid and might outright reject your mail.
Aside that SPF, DKIM and DMARC are often confused with technologies to battle spam, which is not true.
Oh well, fighting spam is not what they directly do, but it's the purpose they are used for. Spam filters these days give a negative score for their absence (and an even more negative score when they're present but fail).
Of course when some of these tools were introduced, first early adopters were mostly spammers with their own domains.
Only a fraction of spam is sent by systems that can afford that, so these tools still serve their purpose. Of course, combined with other filters (RBLs, heuristics, etc…)
 
OP
Matlib

Matlib

Member

Reaction score: 37
Messages: 39

Guys, this topic is about mail clients, not servers. If you're interested: 35% of spam and bot messages in my personal mailbox comes from GMail, so DKIM, SPF and stuff won't help you.​

Back to the business:

This is strange. I have 3 Thunderbird installations, all built from ports, and I have not seen such issues.
I guess you're referring to the hanging problem. It depends on the mail server. It doesn't do that with my personal dovecot, but it does happen with our corporate (probably very buggy) server. Anyway, the other 101 annoyances are still there though.

Trojita looks tasty indeed, although the current version was released 5 years ago. I'll have a look anyway.​
 

Zirias

Son of Beastie

Reaction score: 1,701
Messages: 2,870

Guys, this topic is about mail clients, not servers. If you're interested: 35% of spam and bot messages in my personal mailbox comes from GMail, so DKIM, SPF and stuff won't help you.
Totally wrong conclusion. They don't help for the scenario "cracked mailbox on a large site", they do help for the scenario "spam sent by botnets of infected (windows) boxes". Without them, you'd get tons more of spam.
 

Geezer

Aspiring Daemon

Reaction score: 451
Messages: 771

Guys, this topic is about mail clients, not servers.

Dear OP, as usual this thread has begun redshift. What you consider your own thread is out of your control.

I too would like a better e-mail program. I don't think there is one.
 

hruodr

Aspiring Daemon

Reaction score: 283
Messages: 896

I too would like a better e-mail program. I don't think there is one.
There is a best, one always wants better. But better and best are not necessary good (enough).

I am happy with alpine.
 

astyle

Daemon

Reaction score: 646
Messages: 1,458

Totally wrong conclusion. They don't help for the scenario "cracked mailbox on a large site", they do help for the scenario "spam sent by botnets of infected (windows) boxes". Without them, you'd get tons more of spam.
Zirias , OP is right... As Geezer pointed out, the thread has taken off on a tangent. Staying on topic is a vitally important skill for problem solving, and yes, that applies to programmers, as well. Since the thread is supposed to be about email clients, the outtake would be that sometimes, it makes sense to leave server implementation to a different shop that you know will do a decent job, rather than trying your hand at a homebrew solution. It can be compared to taking care of your teeth - yeah, there's stuff you can do at home (proper diet and brushing), but for serious treatment, you go to a dentist, you really shouldn't try that on yourself, because you'll do more harm than good anyway.

As for staying on topic of email clients - I'm gonna stick to my original advice:
 

Zirias

Son of Beastie

Reaction score: 1,701
Messages: 2,870

astyle I couldn't care less about your lecturing. I didn't bring up the topic about servers or DKIM etc, but you won't stop me correcting wrong information about it.
 
OP
Matlib

Matlib

Member

Reaction score: 37
Messages: 39

...Without them, you'd get tons more of spam.

During the same period (Sep 2020-today) 9.9% of delivery attempts were rejected due to SPF failure. This doesn't filter out retries, so the actual number of blocked unique delivieries will be lower than that. Full SPF statistics are as follows:

SPF return code# connections% connections
pass560743.3
none376929.1
softfail192514.8
neutral3863.0
fail8246.4
permament error3232.5
invalid SPF record1000.8
temporary error3000.2

Out of those that did pass SPF and graylist, 4581 messages were more or less legit, 4164 were sure spam of which 1481 came from Google's servers.

I didn't bother to set up DKIM verification not to waste my time.

The trivial way to circumvent these is to use a permissive domain in return path, for example gmail.com that has softfail for all IP addresses (their SPF record ends with ~all). But still, in the end you're left with thousands of spam messages per year coming from real gmail servers.
 

Zirias

Son of Beastie

Reaction score: 1,701
Messages: 2,870

Full SPF statistics
If you look closer at them, you see a lot of deliveries without SPF. The "big players" would already attach a strong negative score to that. Then, you have almost 15% "softfail", which is IMHO a design flaw in SPF, cause it's just inconclusive for the receiving party. Still, only less than half of the deliveries actually pass SPF.
Out of those that did pass SPF and graylist, 4581 messages were more or less legit, 4164 were sure spam of which 1481 came from Google's servers.
Neither SPF nor DKIM can do anything against spam sent via legitimate mail systems. There's no single "solution" to the spam problem anyways, but combining many approaches gives pretty good results …
I didn't bother to set up DKIM verification not to waste my time.
... and for filtering out the "botnet" (et al) originating spam, adding DKIM can improve that substantially, compared to only SPF.
 

grahamperrin

Son of Beastie

Reaction score: 828
Messages: 2,659

grahamperrin

Son of Beastie

Reaction score: 828
Messages: 2,659

Why not use a web client?

I do, as a complement to Thunderbird and extensions, including Owl for Exchange.

Thunderbird

… download with imap the whole messages …

Not necessarily.

Please be aware of Thunderbird preferences for IMAP, for example:

1634377318819.png

… stops receiving new mail several times per day,

– for which (probably):

… our corporate (probably very buggy) server. …

… randomly hangs and uses 200% CPU,

Was there a bug report? I don't recall Thunderbird behaving in that way.

needs to run in some Swedish locale to display normal date yyyy-mm-dd instead of 1/2/3 because it cannot be configured otherwise,

Was there a bug report?

they constantly change API,

Not constantly.

 

Geezer

Aspiring Daemon

Reaction score: 451
Messages: 771

Upgrading from 78.14.0 to 91.2.0_1 now, however long it takes to build. Will see if it is any better.
 

Geezer

Aspiring Daemon

Reaction score: 451
Messages: 771

After installing 9.whatever, it looks pretty much the same.
 

astyle

Daemon

Reaction score: 646
Messages: 1,458

I think this thread ended up in the wrong place after DutchDaemon renamed the Xorg forum to Display Servers. Probably a lot of other threads are now misplaced. Even if there's a good idea floating around, sometimes a quick-and-dirty approach does create a mess.
 

DutchDaemon

Administrator
Staff member
Administrator
Moderator
Developer

Reaction score: 3,214
Messages: 11,432

The title of the forum changed, a literal change in a bunch of characters. No posts or threads have moved, so this thread must have been in the X.Org forum to begin with.
 
Top