[dmarc-discuss] Google & IPv6 SPF check

Al Iverson aiverson at spamresource.com
Tue Jun 12 15:22:34 PDT 2012


On Tue, Jun 12, 2012 at 9:41 AM, MH Michael Hammer (5304)
<MHammer at ag.com> wrote:

>> > Mike, your first route:
>> >
>> > 1)      Attempt to leave the DKIM signature intact as the list
>> handles mail.
>> > Ensuring an SPF pass would be a non-starter as far as I can tell.
>> >
>> > ..could be viable, too.  I'm having a hard time understanding how a
>> > modern mailing list would do this, though, as all of them decorate
>> > messages with headers, footers, siders, etc. to let you know what
>> service you're using.
>>
>> Which gets back to John Levine's point that mailing lists do what they
>> do and there's not a lot of point in trying to remake them.
>>
>> The simplest thing from a DMARC perspective that a mailing list could
>> do would be to rewrite the body From to something in the mailing
> list's
>> domain.  Then it's their DMARC/DKIM/SPF status that matters and not
> the
>> sending domain's.
>> Don't hold your breath though.
>>
>> Scott K
>
> I kind of agree with Scott and John but I think the exercise is still a
> useful one. I also prefer the list taking responsibility for their
> DMARC/DKIM/SPF status. I included trying to preserve DKIM because I
> think it's possible although  the other approach makes more sense to me.

I agree that the exercise is a useful one and it's one I've been
thinking about as well. It might mean that how you handle discussion
lists should change. Or will change. Or won't change. Who knows? But I
want to see what it looks like to try things certain different ways,
so I can get a feel for them in practice.

I realize that to the old school folks, this is like bragging about
farts in church, but I'm just not against the idea of trying stuff
like rewriting the message, maybe including the from address to be the
list's from address, signing and working with that policy instead of
the original sender's policy. To me, it is akin to how a mailing list
sending to you has its own sending IP reputation that takes precedence
over the reputation of the sending IP addresses of the original
authors.

It strikes me as wrong to just say "that sucks, nobody will ever do
it" and not actually consider it further, for better or worse. It
seems smarter to learn more.

Al Iverson



More information about the dmarc-discuss mailing list