[dmarc-discuss] How does *this* mailing list interact with dmarc?
zwicky at yahoo-inc.com
Wed Jun 20 10:29:21 PDT 2012
Don't use quarantine or reject policies on domains that contain real users; use them on transactional domains.
Mailing lists and forwarding are both heavily used by real people and will break DMARC.
On Jun 20, 2012, at 6:20 AM, Steven Chamberlain wrote:
> When I send this mail to the list, I would expect it to be forwarded to
> its subscribers keeping the RFC5322.From address of steven at pyro.eu.org
> The dmarc.org domain has an SPF record that should authenticate the
> RFC5321.MailFrom of forwarded mails, but this will not be in alignment
> with RFC5322.From as per DMARC 4.2.2. and so is not considered.
> From the list archives it appears there would be some list information
> and unsubscribe instructions appended to the message body, which would
> cause my DKIM signature not to verify. Even if the list would apply
> some DKIM signature of its own, it cannot do so for the RFC5322.From
> domain as required by DMARC 4.2.1.
> I believe this makes a DMARC failure result inevitable. In my first few
> days of trying DMARC this has been quite apparent from my mails to
> @lists.debian.org and @freebsd.org triggering failure reports.
> Some recipients like Google Mail recognise those lists and use the
> mailing_list policy override. But this is not the default behaviour of
> DMARC and so most other mail receivers who implement it, report a failure.
> With many DMARC implementors probably subscribed to this list, I expect
> to be receiving some new failure reports shortly :)
> Steven Chamberlain
> steven at pyro.eu.org
> dmarc-discuss mailing list
> dmarc-discuss at dmarc.org
> NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
More information about the dmarc-discuss