[dmarc-discuss] the mailing list bad idea, was Google & IPv6 SPF check

John Levine johnl at taugh.com
Mon Jun 18 19:24:11 PDT 2012


>Authentication-Results: localhost.junc.org (amavisd-new);
>     dkim=pass (1024-bit key) header.d=dmarc.org header.b=XR1b5kp3;
>     dkim=fail (1024-bit key) reason="fail (message has been altered)"
>     header.d=iecc.com header.b=f110HLgL; dkim=fail (1024-bit key)
>     reason="fail (message has been altered)" header.d=taugh.com
>     header.b=D7GzVcPz
>
>well dmarc.org pass, ok with me that the rest may fail, make all pass 
>is just an option in mailman to remove maillist senders dkim sig

Uh, no, that is not a DMARC pass.  The dmarc.org signature is good,
so it's trivial to whitelist mail from this list, but if you tried
to apply dmarc policies (the ones other than p=none) you would lose
all the list mail.

Perhaps this would be a good time to reread the DMARC spec.

R's,
John


More information about the dmarc-discuss mailing list