[Mailman-Users] DMARC and Reply-To lines with from_is_list munging.
Richard Damon
Richard at Damon-Family.org
Sat May 10 04:27:45 CEST 2014
On 5/9/14, 10:13 PM, John Levine wrote:
>> Arguably, the correct response to DMARC filtering _should_ be the MIME
>> encapsulation of list mail, with appropriate RFC 2369 headers added to
>> the enclosing MIME structure leaving the content un-munged, with all
>> information from the original poster intact. Arguably, MUAs should be
>> transparent to this. Arguably, this would have been the best design for
>> the operation of mailing lists in email-space from the git-go.
> Unfortunately, this argument falls over when you note that spammers
> and phishers can encapsulate their paypal.com phishes and add list
> headers, too.
>
> The correct response is either for senders to stop publishing DMARC
> policies that don't match the way their users use mail (fat chance),
> or for recipient systems to skip the DMARC checks on mail from sources
> that are known to send mail that recipients want but that doesn't
> match DMARC's narrow authentication model, e.g., mailing lists and the
> Wall Street Journal's mail-an-article button.
>
> Failing that, all we have left is hacks, none of which are satisfactory.
>
> R's,
> John
>
But the wrapped message could pass the DMARC DKIM signature check, if it
will exactly matchs the message that came from Yahoo/AOL. (which the
phish won't). This says that the List Headers, modified subject, list
headers and footers should be added to the wrapping message, not the
wrapped message, which also says that the MUA shouldn't throw this away,
but combine these with the original message (but in a way that makes it
clear which is which).
--
Richard Damon
More information about the Mailman-Users
mailing list