[dmarc-discuss] How does *this* mailing list interact with dmarc?

John Levine johnl at taugh.com
Fri Jun 22 13:02:59 PDT 2012

>My own idea was if there could be a 'more relaxed' mode of DKIM and/or
>SPF validation by DMARC, whereby the RFC5321.MailFrom domain can be
>considered.  Any mailing list or forwarder that re-signs with DKIM after
>altering anything, and/or can validate its MailFrom domain with SPF,
>should then be okay.

Surely you're kidding.  That would make DMARC totally useless, since
crooks could trivially bypass it by using throwaway bounce address
domains with SPF that always validates.

For the umpteenth time, we already know how to handle mailing list
mail, recognize the lists and whitelist them.  This isn't a problem
that needs to be solved.


More information about the dmarc-discuss mailing list