[Mailman-Developers] Adding DMARC support for Mailman 3
Stephen J. Turnbull
stephen at xemacs.org
Wed Jul 10 20:23:29 CEST 2013
Barry Warsaw writes:
> For #1 you would have a rule that can answer the question of DMARC
> disposition. Rules output binary results,
This is somewhat problematic. DMARC results are potentially
trivalent. If action is "reject" and pct is less than 100, some hits
are "rejects" and some are "quarantine". Misses are misses. So I
guess you do this with a chain of two rules, the first one verifying
the message and if that hits (ie, verification fails) the second one
rolls the dice for pct.
> and if this rule hits, it would run an action, probably to discard
> the message, although it could also hold it or reject/bounce it.
Silent discards without content analysis make me queasy. I guess we
can work around that by doing DMARC checks after the content checks,
although the draft implies the DMARC checks should be done early. Or
we could reject, but unfortunately we can't reject in the SMTP
transaction, so we need to issue a DSN. That makes me really queasy,
because DSNs for illegitimate mail suck all around.
In case of a quarantine, maybe this should go into a separate queue
that silently waits for a moderator to look at the messages, and
discards them after a reasonable period of time (maybe two weeks?) So
they'd be there if somebody asks for a lost message, but otherwise no
bother.
Steve
More information about the Mailman-Developers
mailing list