
DMARC: perspectives from a listadmin of large open-source lists

2014-04-08 10:49:02
Hi,

I'm the listadmin (amongst other things) for Gentoo Linux. Our lists
handle somewhere north of 100k deliveries/day; it's a large deployment
of mlmmj.

I also happen to personally host the lists for my local hackerspace, and
that's where I first noticed DMARC causing problems, because one of our
members activated reject mode on his personal domain, and then all
Yahoo+Gmail recipients started having bounced mail whenever mail from
the DMARC-progressive user was sent.

I wrote up my findings here:
http://robbat2.livejournal.com/241253.html

If the listserv's outgoing MTA does implement DKIM signing, this problem
will still occur because it's legitimately valid for the From header to
differ from the envelope sender. That's why the extra DMARC header
X-Original-Authentication-Results [1] is needed, sadly :-(.

The problem described WILL vanish when all mailing list apps implement
DMARC, but until then, it's really broken.

It's really bad because not a single list implementation supports DMARC
yet; Mailman is the closest, but still not yet there.

If possible, if everybody could highlight the lack of open-source
support for DMARC in list apps, that would be hugely beneficial to the
cause.

At the same time, delaying mass usage of the reject policy would limit
damage.

[1] https://sites.google.com/site/oauthgoog/mlistsdkim

-- 
Robin Hugh Johnson
Gentoo Linux: Developer, Infrastructure Lead
E-Mail     : robbat2(_at_)gentoo(_dot_)org
GnuPG FP   : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85

Attachment: signature.asc
Description: Digital signature
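
Added example (not part of the original message): a minimal model of the DMARC identifier-alignment check a receiving MTA applies, showing why a list post from a p=reject domain fails even when the list's own MTA passes SPF and DKIM-signs. The domains are constructed, the two-label organizational-domain shortcut stands in for a Public Suffix List lookup, and the author's DKIM signature is assumed to no longer verify after the list has handled the message.

```python
from dataclasses import dataclass, field

def org_domain(domain):
    # Assumption: the last two labels approximate the organizational domain.
    # A real receiver derives this from the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain):
    # Relaxed alignment: organizational domains must match.
    return org_domain(auth_domain) == org_domain(from_domain)

@dataclass
class Message:
    header_from: str      # domain in the From: header (RFC5322.From)
    envelope_from: str    # domain of the envelope sender (RFC5321.MailFrom)
    spf_pass: bool        # SPF result for envelope_from
    dkim: list = field(default_factory=list)  # [(d= domain, signature verified?)]

def evaluate(msg, policy):
    """Return (dmarc_result, action) for the From: domain's published policy."""
    spf_ok = msg.spf_pass and aligned(msg.envelope_from, msg.header_from)
    dkim_ok = any(ok and aligned(d, msg.header_from) for d, ok in msg.dkim)
    if spf_ok or dkim_ok:
        return ("pass", "deliver")
    action = {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}
    return ("fail", action[policy])

# Constructed sample: the member mails a recipient directly.
direct = Message("member.example", "member.example", True,
                 [("member.example", True)])

# Constructed sample: the same member posts via a list. The list MTA sets its
# own envelope sender (SPF passes, but for the list's domain) and adds its own
# DKIM signature; the author's signature is assumed not to verify any more.
via_list = Message("member.example", "lists.example.org", True,
                   [("member.example", False), ("lists.example.org", True)])

if __name__ == "__main__":
    for name, msg in (("direct", direct), ("via list", via_list)):
        for policy in ("none", "reject"):
            print(f"{name:9s} p={policy:7s} -> {evaluate(msg, policy)}")
```

Every authentication check on the list copy succeeds, but only for the list's domain, which is not aligned with the From: header; under p=none the same failure is reported but the mail is still delivered.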