[Mailman-Users] yahoo.com.INVALID as a DMARC defense [was: 2.1.18 internal documentation suggestions]
Stephen J. Turnbull
stephen at xemacs.org
Sat May 3 14:43:31 CEST 2014
Andrew Partan writes:
> Until people figure out real ways of making DMARC work with forwrders
> & mailing lists (see ietf-822 at ietf.org for one place discussions
> are going on), I think it useful to have more work-around hacks out
> there so that people can experiment with them to see which ones
> more-or-less work in different situations.
That's what they said about Reply-To munging, too.
If people want to implement them themselves and try them out, heck,
I've been wrong before and I'll be wrong again. But I don't think
*Mailman* should proactively implement RFC violations unless there's a
clear and present danger, and then the violations should try to be
minimal.[1]
DMARC, since it causes denial of service to third parties, is such a
clear and present danger. Here I interpret "minimal" to mean "try to
avoid to adding to the set of RFC violations out there." I know it's
tempting to imply that yahoo.com is an invalid domain, but it's not at
all necessary given that substituting the list-post address is what
Yahoo itself suggests. The original user is easily replied to via the
Reply-To hack.
Footnotes:
[1] Retroactive implementation, such as "Reply-To munging", may be
appropriate in response to customer demand.
More information about the Mailman-Users
mailing list