[Mailman-Developers] Fixing DMARC problems with .invalid munge

[Lindsay Haisley]

On Sun, 2014-05-18 at 01:37 +0900, Stephen J. Turnbull wrote:
>  > How do you limit it to just addresses with DMARC problems?  There's no
>  > benefit to doing it to everyone.
> 
> Probably a hard-coded regexp (or list thereof) matching against the
> address in "From".  The OP has a special situation where he's got lots
> of local mods to Mailman, so it's not convenient to upgrade.  So he
> wants a quick and dirty approach, and he also knows enough Python that
> he can work out the details for himself.

Quick 'n dirty indeed!  We keep discovering domain names publishing
DMARC p=reject policies, and there's no guarantee that others won't
follow suit.  So far, AOL and Yahoo are the only public ESPs we know of,
but that could change.  The only guaranteed method is to query DNS.
Queries are cached, so repeated lookups of the same names should have a
fairly low latency.

I have a lot of mods to Mailman too.  Patching is easy using the gnu.org
diff and patch tools and can easily be scripted, although if your OP
hasn't kept diff records of his patches then this isn't an option.
> 
-- 
Lindsay Haisley       | "Everything works if you let it"
FMP Computer Services |
512-259-1190          |          --- The Roadie
http://www.fmp.com    |