[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Different RCVD_IN_DNSWL rules applied to my IP

Alessandro Vesely <vesely@xxxxxxx> writes:

> On Mon 05/Sep/2022 14:36:17 +0200 Greg Troxel wrote:
>> Alessandro Vesely <vesely@xxxxxxx> writes:
>>> On Sat 03/Sep/2022 12:42:25 +0200 Bernd H. Steiner wrote:
>>>> Am 03.09.2022 12:30, schrieb Greg Troxel:
>>>>
>>>>> I would be shocked if eden.one ended up in HI without you
>>>>> knowing about it by way of applying, and highly surprised if it were HI
>>>>> at all.  HI is things like bank servers that send alerts, very broad-brushy.
>>>>
>>>> the *maximum* trust level for category 6 private/personal is MED
>>>
>>> Is that a political meddling?
>>
>> No, it's a perfectly sane policy.  DNSWL assigns trust levels based on
>> expectations about future behavior and the relative consequences
>> abenefits to relying parties.  Personal servers tend not to have large
>> IT organization with 24/7 cybersecurity watchstanders.  The amount of
>> things in HI is quite limited, and my impression is that it's mostly
>> banks and things like that (sending transactional mail and alerts).
>> Those have a much higher risk of false positives because (apparently)
>> the marketing people make them send HTML and put other crud and thus
>> they typically hit a bunch of smallish rules.
>>
>> I don't know why you think this is "political" or if it is which flavor of
>> political thought it would drive.
>
>
> It was partly tongue-in-cheek, opposing the tendency to use
> "professional" mail providers, which actually are not all that better
> than a well configured private MTA.  Indeed, the bigger they are the
> more they are targeted.
>
> Anyway, your explanation makes sense, especially the second part.  Thanks.

OK, I see where you are coming from.

Things like gmail are in NONE, and to me that's obviously because they
don't reliably not send spam.  I just got mail from gmail (which wasn't
spam), and it had RCVD_IN_DNSWL_NONE.

HI is for things where only official company things go out to customers.
I did find something from the US government in HI, that was in fact
transactional and not spam.

Attachment: signature.asc
Description: PGP signature

References:
Different RCVD_IN_DNSWL rules applied to my IPJan Eden <tech@xxxxxxxx>
Re: Different RCVD_IN_DNSWL rules applied to my IPGreg Troxel <gdt@xxxxxxxxxx>
Re: Different RCVD_IN_DNSWL rules applied to my IP"Bernd H. Steiner" <mail@xxxxxxxxxxxxx>
Re: Different RCVD_IN_DNSWL rules applied to my IPAlessandro Vesely <vesely@xxxxxxx>
Re: Different RCVD_IN_DNSWL rules applied to my IPGreg Troxel <gdt@xxxxxxxxxx>
Re: Different RCVD_IN_DNSWL rules applied to my IPAlessandro Vesely <vesely@xxxxxxx>