[Mailman-Users] non-subscribers getting through--email address in "Real Name"
John Levine
johnl at taugh.com
Sat Jul 21 16:22:44 EDT 2018
In article <dedbcda0-7399-d932-c2b9-e784f73daeb1 at caerllewys.net> you write:
>On 07/19/18 17:11, John Levine wrote:
>> In article <c5d1335d-0762-8a85-3257-239d5e2e46d6 at spamtrap.tnetconsulting.net> you write:
>>> Yes. Just about everything can be spoofed to some degree. It really
>>> depends on what information the owner of the purported sending domain
>>> publishes and what filtering / consumption of said information the
>>> receiving server exercises.
>>
>> Well, you know, this is what DMARC is intended to address. While
>> DMARC checks on mail that has passed through mailing lists has all
>> sorts of well known problems, doing DMARC checks on mail that arrives
>> at a list server would be pretty benign. It's pretty rare for the
>> path from a user to the mailman server to do things that would cause
>> DMARC fails.
>
>Actually, mailing lists and other redistribution are among the places
>DMARC notably breaks. The real answer, which was created for this
>purpose, is ARC (Authenticated Received Chain). That is designed from
>the start to pass through mailing lists unbroken.
>
>(Or so I'm told.)
You missed a key point. I was suggesting DMARC-ish checks on mail *to* a
maiing list, where they should work fine. Mail *from* a mailing list is
indeed screwed up by DMARC which is why I've been working on ARC libraries.
R's,
John
More information about the Mailman-Users
mailing list