Jerry


So, why do almost all banks, in the U.S. at least, only support the worst 2FA authentication method exclusively? And, this article doesn't mention SIM-swap attacks, which are unavoidable. It can't be that difficult to support an authenticator app.

https://gizmodo.com/feds-warn-sms-authentication-is-unsafe-after-worst-hack-in-our-nations-history-2000541129

#Cybersecurity

[–] Jerry@hear-me.social 1 points 1 week ago

@daniel@masto.doserver.top
I've never had issues making changes, so I think it wouldn't be an issue. The caches should recognize they need updating.

[–] Jerry@hear-me.social 1 points 1 week ago

@nimi@norrebro.space
Hi,

Depending on the ISP, after making the changes, it usually takes up to 15 minutes for the changes to get distributed to all the DNS servers worldwide. It's pretty quick.

[–] Jerry@hear-me.social 1 points 1 week ago (2 children)

@daniel@masto.doserver.top
Should be able to.

[–] Jerry@hear-me.social 1 points 1 week ago

@Ruaphoc@mstdn.games
Thanks for this! This is on my list to look at this weekend. Thank you!

[–] Jerry@hear-me.social 1 points 1 week ago (1 children)

@idoubtit@mstdn.social
Mailpoet is a WordPress plugin? You should still have appropriate SPF, DKIM, and DMARC records.

If you gave Mailpoet the right to use your email's SMTP server (is this how it works?) then you're fine because it's using your credentials and SPF will pass as the SMTP server is authorized to send email for your credentials.

[–] Jerry@hear-me.social 1 points 1 week ago

@esplovago@mastodon.uno
Yep.

If you want to have different rules for subdomains, then the records get much more complicated, but "v=spf1 -all" pertains to the domain and subdomains.

[–] Jerry@hear-me.social 1 points 1 week ago (1 children)

@b3lt3r@mastodon.b3lt3r.com I'm far from an expert, but if your redirect is at the server, and your server adds a ".forward" to the email, and does not alter anything, you should be fine because your SPF and DKIM should pass.

If your redirect is via an email client, or the server doesn't add a .forward, it may alter the email slightly, but in a way sufficient for DKIM to fail because the hash won't match any longer. But, I think in this case, if SPF passes, your email client would still accept it since the original DKIM passed before the forwarding.

It gets really complicated. Suggest you try it.

And this is based on my understanding, which, who knows?

[–] Jerry@hear-me.social 1 points 1 week ago

@Dero_10@mastodon.sdf.org @pteryx@dice.camp
I had that issue a lot when I was running a Linux server in the cloud. It's why I stopped using my own Wireguard VPN server I hosted on Digital Ocean. So many sites would block it.

[–] Jerry@hear-me.social 2 points 1 week ago

@adingbatponder@fosstodon.org
Can you open a support ticket for help? Or, maybe, they've already done it for you. You can check at https://www.dnsdomainlookup.com/ and pick dns summary from the dropdown.

If you see the spf, dkim, and dmarc records, then you're all set.

[–] Jerry@hear-me.social 1 points 1 week ago (1 children)

@amberage @pteryx
Your points, I think, are very valid. And I live with the fear that I will end up with the same fate.

[–] Jerry@hear-me.social 1 points 1 week ago (1 children)

@Aganim@lemmy.world
I'm not an expert on this (it's a career), but I know it's not that simple.

If I get an unforwarded email, I definitely want both DKIM and SPF to pass. I want only email from an authorized server, and I want an email that is not modified and is properly signed. No exceptions. Both must pass.

If I get email from a mailing list that is sending email to me on behalf of a different domain, I want SPF to pass in that I want to know that the mailing list provider's server is authorized to send email on behalf of the original domain. But, in this case, the original DKIM will fail because the mailing list provider will have changed the email. But, I expect the new DKIM to be correct, or I won't accept it. So, here, a failure on the original DKIM can be acceptable.

If someone forwards an email to me, the original DKIM will fail. I will accept it. But, I want the SPF of the forwarding server to pass, and the new DKIM for the changed email to pass.

There's also email redirection and forwards that happen at the server vs. the client and there can be separate rules for this.

The records can get complicated if you truly want to control different scenarios.

But, you don't always want to accept an email if only 1 check passes.

At least, this is my understanding of it all.

[–] Jerry@hear-me.social 2 points 1 week ago (4 children)

@pteryx@dice.camp I set up my own email server on DigitalOcean and instantly got blacklisted by Spamhaus because it was a new domain, and then by another company because the IP address belonged to DigitalOcean.

Most mail servers also flagged it as spam because the domain was less than 60 days old and because it was a .online TLD. For a long time, some of my emails were immediately bounced back or went to spam folders because of all these reasons.

I also believe that every home IP address is automatically blacklisted, which makes it worse for your roommate.

You can eventually overcome it by letting the domain reputation slowly develop and then doing a direct appeal to the blacklist companies. But, it takes a long time.

It's amazing any spam gets delivered.


Important reminder, if you own a domain name and don't use it for sending email.

There is nothing to stop scammers from sending email claiming to be coming from your domain. And the older it gets, the more valuable it is for spoofing. It could eventually damage your domain's reputation and maybe get it blacklisted, unless you take the steps to notify email servers that any email received claiming to come from your domain should be trashed.

Just add these two TXT records to the DNS for your domain:
TXT v=spf1 -all
TXT v=DMARC1; p=reject;

The first says there is not a single SMTP server on earth authorized to send email on behalf of your domain. The second says that any email that says otherwise should be trashed.

If you do use your domain for sending email, be sure to add 3 records:
SPF record to indicate which SMTP server(s) are allowed to send your email.
DKIM records to add a digital signature to emails, allowing the receiving server to verify the sender and ensure message integrity.
DMARC record that tells the receiving email server how to handle email that fails either check.

You cannot stop scammers from sending email claiming to be from your domain, any more than you can prevent people from using your home address as a return address on a mailed letter. But, you can protect both your domain and intended scam victims by adding appropriate DNS records.

UPDATE: The spf and the dmarc records need to be appropriately named. The spf record should be named "@", and the dmarc record name should be "_dmarc".

Here's what I have for one domain.

One difference that I have is that I'm requesting that email providers email me a weekly aggregated report when they encounter a spoof. Gmail and Microsoft send them; most providers won't, but since most email goes to Gmail, it's enlightening when they come.

#cybersecurity #email #DomainSpoofing #EmailSecurity #phishing
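The combination rule that the forwarding/mailing-list comment above reasons about, and the effect of the "v=spf1 -all" plus "v=DMARC1; p=reject;" records this post recommends for a parked domain, as an added example that is not part of Jerry's posts: a small Python evaluator that parses both records and applies DMARC's rule from RFC 7489, where a message passes if either an aligned SPF result or an aligned DKIM signature passes, and otherwise the published p= policy applies. It goes slightly beyond the post by also handling strict alignment (aspf=s / adkim=s). The domain names, the toy organizational-domain helper (a stand-in for the Public Suffix List) and the scenario inputs are constructed for illustration.

```python
"""DMARC disposition evaluator (added example, not from the original posts).

A receiving server combines the SPF result, the valid DKIM signatures and
the sender's published DMARC policy.  Under RFC 7489 the message passes
DMARC if *either* the SPF-checked domain *or* a DKIM d= domain aligns with
the RFC5322.From domain; otherwise the p= policy is applied.
"""
from dataclasses import dataclass, field


def org_domain(domain: str) -> str:
    """Toy organizational-domain helper (assumption: registrable name + TLD).
    Real implementations consult the Public Suffix List."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else domain.lower()


def parse_tag_value(record: str) -> dict:
    """Parse a 'tag=value; tag=value' TXT record (DMARC style) into a dict."""
    out = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            out[key.strip().lower()] = value.strip()
    return out


def parse_spf(record: str) -> dict:
    """Minimal SPF parse: the mechanism list, and whether this is the
    null-sender record 'v=spf1 -all' (no host is authorized at all)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    mechanisms = terms[1:]
    return {"mechanisms": mechanisms, "null_sender": mechanisms == ["-all"]}


def parse_dmarc(record: str) -> dict:
    """Parse a DMARC record; p= is mandatory, alignment defaults to relaxed."""
    tags = parse_tag_value(record)
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    if tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("DMARC record needs p=none|quarantine|reject")
    tags.setdefault("adkim", "r")  # r = relaxed (org domain match), s = strict
    tags.setdefault("aspf", "r")
    return tags


def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    """Identifier alignment: exact match when strict, org-domain match when relaxed."""
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


@dataclass
class AuthResults:
    from_domain: str                 # RFC5322.From domain the user sees
    spf_result: str                  # "pass", "fail" or "none"
    spf_domain: str = ""             # MAIL FROM domain that SPF was checked against
    dkim_passes: list = field(default_factory=list)  # d= of signatures that verified


def dmarc_disposition(dmarc_record: str, r: AuthResults) -> str:
    """Return 'pass' or the policy to apply ('none', 'quarantine', 'reject')."""
    policy = parse_dmarc(dmarc_record)
    spf_ok = r.spf_result == "pass" and aligned(r.spf_domain, r.from_domain, policy["aspf"])
    dkim_ok = any(aligned(d, r.from_domain, policy["adkim"]) for d in r.dkim_passes)
    return "pass" if (spf_ok or dkim_ok) else policy["p"]


if __name__ == "__main__":
    reject = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"  # constructed record
    scenarios = {
        # parked domain: 'v=spf1 -all' makes SPF fail and nothing is DKIM-signed
        "spoof of parked domain": AuthResults("parked.online", "fail", "parked.online", []),
        "direct mail, both pass": AuthResults("example.com", "pass", "example.com", ["example.com"]),
        # server-side forward that leaves the message untouched: SPF breaks, DKIM survives
        "untouched forward": AuthResults("example.com", "fail", "example.com", ["example.com"]),
        # mailing list that edits the body and re-signs with its own domain
        "modifying mailing list": AuthResults("example.com", "pass", "list.example.net", ["list.example.net"]),
    }
    print("null-sender SPF:", parse_spf("v=spf1 -all")["null_sender"])
    for name, res in scenarios.items():
        print(f"{name:26s} -> {dmarc_disposition(reject, res)}")
```

The last scenario is why mailing lists rewrite the From: header or use ARC: after the body is modified the original signature fails and the list's own SPF and DKIM identifiers do not align with the author's domain, so a p=reject policy is applied even though every check the list itself controls passed.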
