✨ Feature Suggestion | Warn against using custom domains for email providers that don't have SPF+DKIM+DMARC support for custom domains #1833
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1833
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description
The minimum criteria for listing an email provider includes this requirement:
We should warn against email providers offering custom domain support that do not provide clear documentation/steps on how to setup SPF, DKIM, and DMARC for custom domains and why they are needed. They are all used to prevent other people from sending emails as someone else. So, if a custom domain doesn't have all of those set up, it is easier to spoof emails from that domain.
For example,
Furthermore, I think the email providers page should talk about the importance of SPF, DKIM, DMARC, along with DNSSEC, MTA-STS, etc.
I did speak to some of the providers about their DMARC policies.
Some of them were setting them to none because of issues regarding mailing lists.
I think they were waiting on ARC to help with that.