ietf
[Top] [All Lists]

Re: DMARC: perspectives from a listadmin of large open-source lists

2014-04-08 00:18:54
On Tuesday, April 08, 2014 06:06:27 Sabahattin Gucukoglu wrote:
On 8 Apr 2014, at 05:21, John R Levine <johnl(_at_)taugh(_dot_)com> wrote:
Mailing list apps can't "implement DMARC" other than by getting rid of
every feature that makes lists more functional than simple forwarders.
Given that we haven't done so for any of the previous FUSSPs that didn't
contemplate mailing lists, because those features are useful to our
users, it seems unlikely we'll do so now.
Well,  Mailman 2.1.16 has the FROM_IS_LIST feature that "Fixes" the problem
by putting the list address in the From: field.  That seems to work, except
that you lose information (the sender's address) if the list wants to
operate a policy of "Reply goes to list".  You can then assure that DKIM
signatures are valid and set up SPF, etc.  This also has the effect of
letting you operate through the various cloud email platforms that try to
validate sender addresses.

But I agree it's broken.

It's unrelated to SPF.  SPF uses Mail From and so on lists that aren't just 
forwarders, the list already uses it's own Mail From.  The only way SPF gets 
roped into this thing is the DMARC use of SPF plus an insistence on "identity 
alignment" to add a requirement that the From domain is in the same domain as 
Mail From.  That's not SPF's fault.

DMARC is interesting for the feedback reports, but I'm certainly not 
publishing reject policies on any domains I have that have real users.

Scott K