[Mailman-Users] DMARC hack

Mark Sapiro mark at msapiro.net
Sun May 24 21:56:25 CEST 2015

On 05/24/2015 09:02 AM, Allan Hansen wrote:

> Checking for aol.com and yahoo.com here alone will not work. I have a bunch of other subscribers that have
> accounts with providers that are owned by Yahoo (mostly) and AOL, but whose addresses are not of this form.
> I would have to do this for all addresses, to be safe.

You only have to mung those addresses for which the domain publishes a
DMARC p=reject policy. This almost certainly does not include aol and
yahoo provided 'other' domains.

The code in Mailman 2.1.18+ actually does a DNS lookup of the DMARC
policy. In all the myriad @python.org list posts, the only domains I see
with p=reject are aol.com, yahoo.com and paypal.com.

> If I do this and add the bit about the Reply-To, what would the code look like?

I'm currently between flights in an airport. When I get a chance, I'll
post some code.

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list