[Mailman-Users] Executive summary of DMARC issues

Larry Finch finches at portadmiral.org
Thu May 15 14:47:48 CEST 2014

On May 14, 2014, at 11:47 PM, Stephen J. Turnbull <stephen at xemacs.org> wrote:

> Peter Shute writes:
>> When MS365 forwards the mails sent to the distribution list, should
>> that make the DMARC authentication fail? I thought that only
>> happened if you made changes like adding a prefix to the subject
>> line like Mailman does.
> If it forwards verbatim *and* the sending domain signs the mail with
> DKIM (the common case), DMARC validation will succeed.  Without DKIM,
> DMARC validation is guaranteed to fail.  However, even in the sender
> uses DKIM, *any* change *whatsoever* to the body will cause validation
> to fail, and there are several changes to the header that could cause
> it to fail.  Furthermore, which parts of the header are protected by
> the DKIM signature are determined by the sender, not by DMARC AFAIK.
> If distribution lists are pure forwards, MS365 will be OK.  But I find
> it hard to believe that that level of functionality is popular with
> users -- there's a reason why all popular MLMs implement subject
> prefixes, body headers and body footers, and it isn't "because it's
> the Microsoft way".

Especially as legally mailing lists are required to add unsubscribe instructions in the footer.

best regards,

Larry Finch
finches at portadmiral.org

More information about the Mailman-Users mailing list