[Bug 1539384] Re: Non-blocking DMARC mitigations should also be done for p=none

Mark Sapiro mark at msapiro.net
Tue Dec 27 12:59:48 EST 2016

Jakob writes "Mailman is intentionally disregarding the RFC and causing
its default behavior to cause problems for postmasters whose users are
permitted to participate in mailing lists ..."

I assume the RFC you are referring to is RFC 7960. I have read this RFC
and I do not draw the same conclusion. In particular, section 2,
paragraph 2 says

   Note that domains that assert a "p=none" policy and email messages
   that pass standard DMARC validation do not have any interoperability

which implies to me that it is not necessary to apply any mitigations to
messages From: domains publishing p=none.

Clearly you believe otherwise. Please identify specific RFC sections and
language that support your opinion.

The mitigations of modifying the From: header or wrapping the message
have negative consequences for users of at least some MUAs, so list
owners have incentives to apply them to as few messages as possible. We
are currently working on the mitigation strategy for Mailman 3 and have
decided at this point to not have controls over which policies trigger
mitigation, but when mitigating based on policy to apply mitigation for
p=reject and p=quarantine, and not p=none. If we are convinced that RFCs
say we SHOULD or MUST apply munge/wrap mitigations to messages from
p=none domains, we will do that, so please tell us why you think they

You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.

  Non-blocking DMARC mitigations should also be done for p=none

To manage notifications about this bug go to:

More information about the Mailman-coders mailing list