kubernetes / steering

The Kubernetes Steering Committee
Apache License 2.0

DMARC failing on kubernetes.io #243

Closed chris-short closed 2 years ago

chris-short commented 2 years ago

Problem Statement

kubernetes.io has no DMARC configuration. This is sending legitimate emails to spam folders potentially globally. You can check here: https://mxtoolbox.com/SuperTool.aspx

A release candidate email in my spam folder is what triggered this.

Proposed Solution

I believe the Google Admin console can generate these on steering's behalf, but if there's any confusion (email is hard), I'm an admin on my own domain; happy to help out.

The guide is pretty straightforward though: https://support.google.com/a/answer/2466580?product_name=UnuFlow&hl=en&visit_id=637867479928607575-3291798451&rd=1&src=supportwidget0&hl=en

Cost

$0.00

Open Questions

Next Steps

Other Considerations, Notes, or References

liggitt commented 2 years ago

thanks for the report, figuring out the right folks to route this to

liggitt commented 2 years ago

just to clarify, it was kubernetes.io and not kubernetes.dev?

chris-short commented 2 years ago

Correct. I've not had enough coffee yet.

Chris Short https://linktr.ee/TheChrisShort He/Him/His TZ=America/Detroit

On Thu, Apr 28, 2022 at 9:12 AM Jordan Liggitt @.***> wrote:

just to clarify, it was kubernetes.io and not kubernetes.dev?


liggitt commented 2 years ago

Slack discussion context:

liggitt commented 2 years ago

/assign @dims @parispittman @mrbobbytables per https://github.com/kubernetes/steering/#google-workspace

is there any downside/disruption possibility as a result of setting up DMARC? wondering specifically about the "Valid messages sent from third-party email providers for your domain might not pass SPF or DKIM checks." bit from https://support.google.com/a/answer/10032674.

liggitt commented 2 years ago

looks like this requires DNS config, right? which would be defined the same way the SPF record is, in https://github.com/kubernetes/k8s.io/blob/main/dns/zone-configs/k8s.io._0_base.yaml#L36 ?

mrbobbytables commented 2 years ago

After a little bit of googling I don't think enabling DMARC will solve the root issue. DMARC will not be applied to messages sent to the mailing list. The Google Group functions as a listserv and essentially forwards the message with all headers intact. For DMARC to function, it'd have to rewrite the headers for each message. Configuring DMARC would only apply to messages being sent from named accounts (e.g. sc1@kubernetes.io) or when sending AS a mailing list (e.g. when we send comms as community@kubernetes.io), an option only available to mailing list admins.
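As an added illustration (not part of the thread, and not kubernetes.io's configuration), the sketch below shows how a receiving server evaluates DMARC identifier alignment under RFC 7489 for direct mail, mail sent through a third-party provider, and list-forwarded mail. The domains, the policy record and the SPF/DKIM results are constructed, and `org_domain` approximates the organizational domain without the Public Suffix List.

```python
# Added example: DMARC identifier alignment as a receiver evaluates it (RFC 7489).
# Every domain, record and authentication result here is constructed.

def parse_dmarc(txt):
    """Parse a DMARC TXT record into tags, with the relaxed alignment defaults."""
    tags = {"aspf": "r", "adkim": "r"}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a DMARC policy record")
    return tags

def org_domain(domain):
    # Assumption: the last two labels stand in for the organizational domain;
    # a real evaluator consults the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    if mode == "s":  # strict: exact match
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)  # relaxed

def evaluate(policy, from_domain, spf, dkim):
    """spf and dkim are (result, authenticated_domain) pairs from the receiver."""
    spf_ok = spf[0] == "pass" and aligned(from_domain, spf[1], policy["aspf"])
    dkim_ok = dkim[0] == "pass" and aligned(from_domain, dkim[1], policy["adkim"])
    # One aligned pass is enough; otherwise report the disposition the domain asked for.
    return "pass" if spf_ok or dkim_ok else "fail:" + policy["p"]

POLICY = parse_dmarc("v=DMARC1; p=none; rua=mailto:dmarc-reports@example.org")

# name: (From: domain, SPF result on envelope sender, DKIM result on d= domain)
SCENARIOS = {
    "direct": ("example.org", ("pass", "example.org"), ("pass", "example.org")),
    "third_party_own_identity": ("example.org", ("pass", "bounce.mailer.example.net"), ("pass", "mailer.example.net")),
    "third_party_domain_dkim": ("example.org", ("pass", "bounce.mailer.example.net"), ("pass", "mail.example.org")),
    "list_forward_intact": ("example.org", ("pass", "lists.example.com"), ("pass", "example.org")),
    "list_forward_modified": ("example.org", ("pass", "lists.example.com"), ("fail", "example.org")),
}

def run(policy=POLICY):
    return {name: evaluate(policy, *args) for name, args in SCENARIOS.items()}

if __name__ == "__main__":
    for name, verdict in run().items():
        print(f"{name:26} {verdict}")
```

With `p=none` a failing message is only reported to the `rua` address, so the failing scenarios can be found and fixed before the policy is moved to `quarantine` or `reject`.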

chris-short commented 2 years ago

Where is SendGrid in this puzzle?

dims commented 2 years ago

thanks for digging in @mrbobbytables and @chris-short - looks like we're a no-op for now.

mrbobbytables commented 2 years ago

Sadly not much we can really do about this at this point. =/ Going to go ahead and close for now.

/close

k8s-ci-robot commented 2 years ago

@mrbobbytables: Closing this issue.

In response to [this](https://github.com/kubernetes/steering/issues/243#issuecomment-1114256825):

>Sadly not much we can really do about this at this point. =/
>Going to go ahead and close for now.
>
>/close

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.