
I have two questions about the DKIM/spf munging that mailman does.
First: when it replaces the 'from' with a munged address [replacing the name with "name via thislist" does it stick the original email address somewhere in the message, so if a listmember wanted to reply to the original sender they'd be able to? I thought it did but I just looked through one and didn't see the poster's original email. [actually, let me amend that: I see that his email addr is in the 'cc' field -- did mailman do that or did he?]
Second, I'm a bit shaky [to say the least..:o)] about how the DKIM stuff all works.
I do have access to Unix shell account, so I can do dig and host and such. If a
listmember asks me if "@randomserver.com" is OK to not-get-munged when it
posts to the list, what would I do? Thanks
/Bernie
Bernie Cosell
bernie@fantasyfarm.com
-- Too many people; too few sheep --

Bernie,
On 12/12/2018 20:35, Bernie Cosell wrote:
First: when it replaces the 'from' with a munged address [replacing the name with "name via thislist" does it stick the original email address somewhere in the message, (...) "Reply-To:" field can be set with the original senders email address.0 (This is configurable by list admins as configuration option out of several possible)
Cheers
Christoffer

On 12/12/18 2:32 PM, Christoffer Hansen wrote:
"Reply-To:" field can be set with the original senders email address.0 (This is configurable by list admins as configuration option out of several possible)
Cheers
Christoffer
I'm not sure what you are trying to say, but the manual page you point to discusses the settings first_strip_reply_to, reply_goes_to_list and reply_to_address and these cannot in general be used to set Reply-To: to the original senders email address.
In particular, reply_goes_to_list = Poster sets nothing in Reply-To: allowing From: to control the reply address.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

On 12/12/18 11:35 AM, Bernie Cosell wrote:
I have two questions about the DKIM/spf munging that mailman does.
First: when it replaces the 'from' with a munged address [replacing the name with "name via thislist" does it stick the original email address somewhere in the message, so if a listmember wanted to reply to the original sender they'd be able to? I thought it did but I just looked through one and didn't see the poster's original email. [actually, let me amend that: I see that his email addr is in the 'cc' field -- did mailman do that or did he?]
Mailman did that. Mailman puts the original From: address in either Cc: or Reply-To:; which one depends on other list settings. The intent is that a reasonably comliant MUA will do the same thing with 'reply' and 'reply all' whether or not the From: is munged.
This generally means the original From goes in Reply-To: unless the list mungs the Reply-To: in which case it goes in Cc:
Second, I'm a bit shaky [to say the least..:o)] about how the DKIM stuff all works.
I do have access to Unix shell account, so I can do dig and host and such. If a listmember asks me if "@randomserver.com" is OK to not-get-munged when it posts to the list, what would I do? Thanks
This is actually, DMARC, not DKIM per se, but use 'dig' or some other DNS query tool to look up a TXT record associated with the name _dmarc.randomserver.com. For example
dig txt _dmarc.aol.com
finds
"v=DMARC1; p=reject; pct=100; rua=mailto:d@rua.agari.com; ruf=mailto:d@ruf.agari.com;"
host -t txt _dmarc.aol.com
returns the same text.
What you are looking for is 'v=DMARC1' which says this is a DMARC policy record and then the p= value which is the policy which is one of 'reject', 'quarantine' or 'none'.
If your list is set with dmarc_moderation_action other than accept, that action will be applied to mail From: domains with a policy of 'reject' and possibly 'quarantine' or 'none' depending on the settings of dmarc_quarantine_moderation_action and dmarc_none_moderation_action.
Also, if the From: domain is not what is known as an organizational domain, e.g., some.subdomain.aol.com and that domain doesn't publish a DMARC policy, you then have to look up the policy of the organizational domain. For common TLDs like .com, .net, .gov, .org, .edu, etc. the organizational domain is just the top two levels, e.g. python.org, aol.com, etc.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (3)
-
Bernie Cosell
-
Christoffer Hansen
-
Mark Sapiro