Folks:
I need a confirmation of a theory regarding Mailman (well, mailing lists in general) and DMARC.
After updating to a version of MM that supports handling domains with DMARC policies, everything seems to be working OK.
My quandary is: Is there any risk in implementing my own more restrictive DMARC policy?
Currently my DMARC policy is 'p=none' ... but I'd like to change that to 'p=quarantine'.
Is there any risk running mailing lists from a domain with that DMARC policy?
My theory is that there isn't ... since DMARC is mainly concerned with the from address and, as long as mail sent from my domain aligns with the DMARC policy, everything should be good.
Is this correct ... or am I missing something?
Thanks!
david
-- IBM i on Power Systems: For when you can't afford to be out of business!
I'm riding 615 miles (Yes, you read that right) in the American Diabetes Association's Tour de Cure to raise money for diabetes research, education, advocacy, and awareness. You can make a tax deductible donation to my ride by visiting https://gmane.diabetessucks.net.
You can see where my donations come from by visiting my interactive donation map ... https://gmane.diabetessucks.net/map (it's a geeky thing).
I may have diabetes, but diabetes doesn't have me!
On Mon, 2018-11-05 at 10:07 -0600, David Gibbs wrote:
You are correct, as long as the SPF and DKIM align you can set a restrictive DMARC policy. In addition to your p=none, you should add ruf= and rua= stanzas so that you can see today what impact your present DMARC settings have.
DMARC on your list domain will also help with any delivery issues for list notifications, as well as any DMARC wrapped posts.
Further, you can test your setup by creating a test list, and then subscribing and sending a list email to any of these:
check-auth@verifier.port25.com autoreply@dmarctest.org autorespond+dkim@dk.elandsys.com check@dmarcanalyzer.com checkmyauth@auth.returnpath.net
-Jim P.
As far as I can tell, Mailman 3 will not let me include an EAI email address as a mail list recipient. This was discussed more that two years ago, but I do not think the support in Mailman 3 has changed.
I understand that EAI requires support for the SMTPUTF8 extension in all relays involved. I want to allow EAI subscribers, at least on a couple of test mail lists to figure out the consequences of allowing EAI on the whole infrastructure.
Russ
On 11/8/18 1:19 AM, Russ Housley wrote:
Correct. It is still not supported.
Also, a better list for discussion of Mailman 3 is <https://lists.mailman3.org/mailman3/lists/mailman-users@mailman3.org/>.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Mon, 2018-11-05 at 10:07 -0600, David Gibbs wrote:
You are correct, as long as the SPF and DKIM align you can set a restrictive DMARC policy. In addition to your p=none, you should add ruf= and rua= stanzas so that you can see today what impact your present DMARC settings have.
DMARC on your list domain will also help with any delivery issues for list notifications, as well as any DMARC wrapped posts.
Further, you can test your setup by creating a test list, and then subscribing and sending a list email to any of these:
check-auth@verifier.port25.com autoreply@dmarctest.org autorespond+dkim@dk.elandsys.com check@dmarcanalyzer.com checkmyauth@auth.returnpath.net
-Jim P.
As far as I can tell, Mailman 3 will not let me include an EAI email address as a mail list recipient. This was discussed more that two years ago, but I do not think the support in Mailman 3 has changed.
I understand that EAI requires support for the SMTPUTF8 extension in all relays involved. I want to allow EAI subscribers, at least on a couple of test mail lists to figure out the consequences of allowing EAI on the whole infrastructure.
Russ
On 11/8/18 1:19 AM, Russ Housley wrote:
Correct. It is still not supported.
Also, a better list for discussion of Mailman 3 is <https://lists.mailman3.org/mailman3/lists/mailman-users@mailman3.org/>.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (4)
-
David Gibbs -
Jim Popovitch -
Mark Sapiro -
Russ Housley