[Mailman-Users] Ignore DMARC bounces?

[Stephen J. Turnbull]

Sparr writes:

 > Modifying the messages bothers me (and a lot of other people, as
 > indicated by the last dozen times similar conversations have been had,
 > about changing Reply-To and From and Subject and ...) and should be
 > the last resort.

Well, actually the point is that lists need to do fewer modifications
than they already do.  DMARC has two tests, one for the domain in From
being equivalent to the IP of the SMTP client, which will fail unless
the author is at the mailing list's domain, and a DKIM signature.  The
signature will survive and be valid at the recipient in the case that
the message is completely unmodified.

However, mailing lists typically make one or more of the following
modifications: add a list tag to the Subject field, add a header or
footer to the body, remove prohibited MIME bodies (.exes, text/html,
etc), or transform text/html to text/plain.  Any of those will cause
the usual DKIM signature to be invalidated.  DMARC-using domains
typically sign From (required by the DKIM protocol), To, Cc, Subject,
and the whole body (effectively including the end of the message,
preventing appended material such as a footer).

My personal opinion is that these traditional changes are expected and
desired by mailing list subscribers, and that posting from "p=reject"
domains is thereby a violation of the policy of the "p=reject" domain,
and places other subscribers at risk.  I think mailing lists should
reject such posts (if the signature is valid), or silently discard
them (if it is not).

However, subscribers from those domains are unlikely to agree ....