Building on the FROM_IS_LIST idea, rather than having the From be
rewritten to simply "list(_at_)example(_dot_)com" why not establish a
convention
(dare I say "standard?") to encode the real from address and list to the
left of the @ sign? The rub with DMARC/SPF/DKIM is the domain itself,
not the whole address.
This is a minor tweak of the "authenticated phish via on-behalf-of" proposal.
Spammers can send mail that looks a lot like mailing lists, you know.
From: Paypal Security
<security(_at_)paypal(_dot_)com(_dot_)lists(_dot_)rbn(_dot_)ru>
But wait, I have an even better idea, Nobody ever thought of this one!
From: Paypal Security <security%paypal(_dot_)com(_at_)lists(_dot_)rbn(_dot_)ru>
R's,
John
PS: You can safely assume that any possible workaround for mailing
list From: lines has been invented, argued about, and discarded at
least a dozen times already. The response to pretty much all of them
is that you have to know it's a real mailing list to trust the hack,
but if you know it's a real mailing list, just deliver the fripping
mail.