Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • TPA team TPA team
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 173
    • Issues 173
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • TPA
  • TPA teamTPA team
  • Issues
  • #40990
Closed
Open
Issue created Dec 05, 2022 by anarcat@anarcatOwner5 of 5 checklist items completed5/5 checklist items

Deploy SPF, DKIM, and DMARC records for all of torproject.org

Once the SPF and DKIM records are in use everywhere, deploy SPF records for all of torproject.org pointing to known mail hosts. Also enforce a domain-wide DMARC policy, at least to get reporting when we have failures.

next steps:

  1. SPF soft policy everywhere
  2. DKIM records everywhere (#40989 (closed))
  3. DMARC soft record (is it like SPF that we need a record per mx? no, DMARC is inherited)
  4. SPF hard policy everywhere, after some grace period?
  5. DMARC hard policy?
Edited Dec 14, 2022 by anarcat
Assignee
Assign to
Time tracking