|
Boost : |
Subject: Re: [boost] Mangled "From" field in mailing list posts
From: Vladimir Prus (vladimir.prus_at_[hidden])
Date: 2017-06-13 08:22:53
On 12/06/2017 23:32, Michael Caisse via Boost wrote:
> On 6/11/17 06:48, Stefan Seefeld via Boost wrote:
>
>> The "From:" field could contain the full address of the original poster,
>> not just his name. That's how things were before the change, IIUC.
>> But, AFAIU, that had to change because some mail servers would refuse to
>> serve mail whose "From:" address differed from the "sender" field (which
>> is the list address in our case). Am I describing this correctly ? I
>> wonder how others handle this situation (in particular, how mailman and
>> similar tools deal with this themselves), given how frequent a use-case
>> this is...
>>
>> Stefan
>>
>
> With the old system, many people were having issues with DMARC filtering
> emails as-if they were spoof'd. In the recent couple years many
> corporate accounts have moved to utilize DMARC as part of their inbound
> authentication and the popularity continues to increase.
>
> Unfortunately, Mail Lists normally break because the original sender's
> domain DKIM signature doesn't match the Mail List. The most popular work
> around is rewriting the From header field. We are doing that in the most
> basic manner.
Hi Michael,
thanks for the explanation. So, if I understand correctly, the problem
is that some *senders* have their domains configured to ask recipients
to reject emails that don't pass DKIM or SPF? In other words, the
question is not how many organizations have DMARC for inbound
authentication, but how many users are sending emails to a mailing list
(which, by definition, forwards email with modifications) while also
requesting than any forwared with modifications emails are rejected by
recipients? How many such sending users/domains do we have?
I personally think it would be reasonable to just require that posters
don't use such domain configuration.
If that's not possible, can't we make Mailman not add any footers, and
don't add any DKIM signature of its own. Maybe, that will cause original
DKIM signature to remain valid and DMARC check to pass?
Thanks,
Volodya
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk