[Mailman-Users] DMARC and From header munging

Mark Sapiro mark at msapiro.net
Thu Apr 17 20:29:21 CEST 2014 

On 04/17/2014 11:01 AM, Lindsay Haisley wrote:
> It occurred to me that one possible variation on From: header munging
> which wouldn't break any applications depending on this being an actual,
> working address for a post's author, while still passing DMARC
> authentication, would be for Mailman to change the From: address to a
> VERP-like address with the author's address encapsulated within an
> address @ the list server.  Any mail received by the list server for
> this address would have its address parsed by Mailman and be redirected
> to the original author's real email address.  Would this pass RFC
> compliance?


It would probably be RFC compliant as long as the from address reliably
worked to send to the author, but there are other problems.

The first that comes to mind is suppose a yahoo.com user replies to a
post originally From: another yahoo.com user. There may be DMARC issues
with the delivery of this reply from the Mailman server to the original
poster.

Maybe not because the forwarding of the reply is a pass-through that
*probably* won't break a DKIM signature.

But then what if the original poster had included a Reply-To: to an
alternate address. This might result in a reply goint to the original
From: instead of the original Reply-To:.

Finally, there is this note from a draft document from the DMARC community:

NOTE: The inclusion of more than one domain in the RFC5322.From field is
dangerous.  Recent studies by two major senders show that ~95% of all
cases in which there is one domain in the RFC5322.From “display name”
and different domain in the RFC5322.From “address-spec” are fraudulent.
 This practice should be discouraged as there are efforts underway to
increase “spam scores” within inbound filtering when this is detected.

This implies that the "verp like" encoding should mangle things like
"example.com" so they don't look like domain names which could make them
difficult to parse.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list