[Mailman-Developers] MM3 DMARC mitigations

David Andrews dandrews at visi.com
Sat Nov 5 12:29:13 EDT 2016

At 11:06 AM 11/5/2016, Mark Sapiro wrote:

>However, I've just become aware that Microsoft has implemented another
>"feature". So far, the info I have is this is limited to their "hosted
>mail services", but it may well spread. What they are doing is looking
>at incoming mail for signs of spoofing/phishing and if found, they place
>a prominent notice
>This sender failed our fraud detection checks and may not be who they
>appear to be. Learn about spoofing<http://aka.ms/LearnAboutSpoofing>
>in the message. The issue for us is that one of the tests is the To: and
>From: addresses are the same. That means that any message To: a list
>with DMARC mitigations applied will be sent From: the list and any
>recipients using these Microsoft services will see that warning in the
>list message[1].
>How long will it be before this spreads to all Microsoft email services

This message has started appearing on messages on a list I subscribe 
to at work, the state of MN, and they use hosted office 365 etc., and 
the messages are almost always from legitimate senders, so going to 
be a problem.


More information about the Mailman-Developers mailing list