benoitc
commented
2 years ago We didn't assign the DNS to fast mail right?
Closed starbelly closed 2 years ago
benoitc
commented
2 years ago We didn't assign the DNS to fast mail right?
max-au
commented
2 years ago We host DNS with Namecheap.
I clearly recall setting up SPF (but not DKIM/DMARC) for WildApricot, but I guess I did not document the setup so it is likely to be incomplete or even wrong.
starbelly
commented
2 years ago I'll take a look shortly.
starbelly
commented
2 years ago @max-au It looked fine to me. I need to get with you on further on how ci.erlef.org is configured. I did modify to a softfail ~all as was worried about rejections.
Fastmail seems to recommend a neutral all ?all, but a softfail I think makes more sense. Will revisit further tomorrow.
Edit:
Note: I also configured dkim.
starbelly
commented
2 years ago I went ahead and looked at this further. The only thing open left to discuss is whether to use hard fail, soft fail, or even neutral.
The happy medium of ~all once again makes sense to me in general, but it's possible the safest choice is neutral.
This fastmail write up about the problems with SPF I believe highlights why they went with ?all (neutral) : https://fastmail.blog/advanced/spf-dkim-dmarc/
max-au
commented
2 years ago It appears working for me, should we close it now?
There currently is no spf record set for erlef.org or any of it's sub-domains. This can result in messages getting flagged as spam by other providers.
spf record setup referenced here : https://www.fastmail.help/hc/en-us/articles/360060591153-Domains-Advanced-configuration