[Mailman-Developers] ARC module implementation [was: GSOC 2016]
Aditya Divekar
adityadivekar03 at gmail.com
Thu Mar 3 12:20:24 EST 2016
Hi!
Sorry for the late reply. I was caught up in my mid term exams.
Stephen J. Turnbull wrote:
> In Mailman 2, there are a number of options. The one I recommend is
>
adding aol.com and yahoo.com to the subscription and poster ban
> lists.<0.7 wink/> This has the advantage (?) of also being usable in
> Mailman 3. A second is to configure the list without transforming the
> message at all (no Subject tags, header, or footer), thus preserving
> any valid DKIM signature. This also works in Mailman 3. These are
> standard configuration options which you might use anyway for
> completely different reasons. However, they sort undermine the
> argument for using Mailman in the first place for many sites.
>
> Yes, I think these are more of workarounds than solutions, if I'm
qualified enough to say so!
> Finally, the most sophisticated alternative is to parse the address
> out of From, and do the DMARC DNS dance to determine if the sending
> domain has a p=reject or p=quarantine policy. If so, use either the
> From-munging strategy or the MIME-wrapping strategy. These still have
> the disadvantages described above, but they only apply to posts From
> domains abusing DMARC.
>
> Since the receiver is going to get the mail through the mailing list
anyway, personally I think that the From munging strategy is not a bad
idea. The only case where I can imagine this will create a problem is if I
am receiving the mail as a list posting, and that suppose I want to get all
mails that <Stephen Turnbull> sends to the list in a different folder, then
I might face problems since the from header is changed, not allowing the
from filter. I am not sure if that problem will be encountered that often
in context of mailing lists since we usually read all mails from the list,
(since that is approximately the point behind mailing lists) unless we skip
some by their subject. (I personally haven't used such a feature, since I
tend to keep all non-me-referencing general mail from the list in the same
folder.) I might be wrong here.
P.S. Also, I have noticed that there is a feature defined in the handlers
to cleanse all the dkim headers from a mail sent to the list before it is
forwarded to the subscribers. We could simply use this to extract the
previous dkim signature, and generate the ARC authentication results since
its a copy of the previous results.
Aditya.
More information about the Mailman-Developers
mailing list