a little website i shepherd for a friend has a contact form. it uses php mail() via sendmail. ive done all the things: fail2ban, recaptcha, spf, dkim, reject dmarc policy; the config is just as tight as my personal mail server, and few to no illegitimate form submissions ever make it as far as the mta.
gmail happily sends a daily dmarc report congratulating me for successful spf and dkim tests, yet refuses to deliver any messages to a gmail inbox. at the same time, the target gmail inbox is stacked full of spam, all from gmail.com addresses.
google is a bully and a tyrant and hostile to the open internet. msft does the same shit.
google rant:
a little website i shepherd for a friend has a contact form. it uses php mail() via sendmail. ive done all the things: fail2ban, recaptcha, spf, dkim, reject dmarc policy; the config is just as tight as my personal mail server, and few to no illegitimate form submissions ever make it as far as the mta.
@h2onolan The open secret is that you can do all the SPF, DKIM, DMAC, and any other email acronym perfectly but at the end of the day, IP address reputation is the #1 thing that matters and is the hardest thing to establish. I ran my own personal server for a decade and jumped through the hoops to get everyone to accept my emails. Now they've raised the hoops and set them on fire.
Gregory's Server
@h2onolan I'm reminded of this blog post (which I think I found right here on the tooters): https://cfenollosa.com/blog/after-self-hosting-my-email-for-twenty-three-years-i-have-thrown-in-the-towel-the-oligopoly-has-won.html
@h2onolan The open secret is that you can do all the SPF, DKIM, DMAC, and any other email acronym perfectly but at the end of the day, IP address reputation is the #1 thing that matters and is the hardest thing to establish. I ran my own personal server for a decade and jumped through the hoops to get everyone to accept my emails. Now they've raised the hoops and set them on fire.