We are not asking Mailman to do the work of DMARC here. There is OpenDMARC for that.
On Jul 10, 2013, at 11:23 AM, Stephen J. Turnbull <stephen(a)xemacs.org> wrote:
> Barry Warsaw writes:
>> For #1 you would have a rule that can answer the question of DMARC
>> disposition. Rules output binary results,
> This is somewhat problematic. DMARC results are potentially
> trivalent. If action is "reject" and pct is less than 100, some hits
> are "rejects" and some are "quarantine". Misses are misses. So I
> guess you do this with a chain of two rules, the first one verifying
> the message and if that hits (i.e., verification fails) the second one
> rolls the dice for pct.
>> and if this rule hits, it would run an action, probably to discard
>> the message, although it could also hold it or reject/bounce it.
> Silent discards without content analysis make me queasy. I guess we
> can work around that by doing DMARC checks after the content checks,
> although the draft implies the DMARC checks should be done early. Or
> we could reject, but unfortunately we can't reject in the SMTP
> transaction, so we need to issue a DSN. That makes me really queasy,
> because DSNs for illegitimate mail suck all around.
> In case of a quarantine, maybe this should go into a separate queue
> that silently waits for a moderator to look at the messages, and
> discards them after a reasonable period of time (maybe two weeks?) So
> they'd be there if somebody asks for a lost message, but otherwise no