[Mailman-Users] non-subscribers getting through--email address in "Real Name"
Phil Stracchino
phils at caerllewys.net
Thu Jul 19 18:59:59 EDT 2018
On 07/19/18 17:11, John Levine wrote:
> In article <c5d1335d-0762-8a85-3257-239d5e2e46d6 at spamtrap.tnetconsulting.net> you write:
>> Yes. Just about everything can be spoofed to some degree. It really
>> depends on what information the owner of the purported sending domain
>> publishes and what filtering / consumption of said information the
>> receiving server exercises.
>
> Well, you know, this is what DMARC is intended to address. While
> DMARC checks on mail that has passed through mailing lists has all
> sorts of well known problems, doing DMARC checks on mail that arrives
> at a list server would be pretty benign. It's pretty rare for the
> path from a user to the mailman server to do things that would cause
> DMARC fails.
Actually, mailing lists and other redistribution are among the places
DMARC notably breaks. The real answer, which was created for this
purpose, is ARC (Authenticated Received Chain). That is designed from
the start to pass through mailing lists unbroken.
(Or so I'm told.)
--
Phil Stracchino
Babylon Communications
phils at caerllewys.net
phil at co.ordinate.org
Landline: +1.603.293.8485
Mobile: +1.603.998.6958
More information about the Mailman-Users
mailing list