----- Forwarded message from Steve Litt <[email protected]> -----

Date: Sun, 25 Sep 2022 05:28:58 -0400
From: Steve Litt <[email protected]>
To: [email protected]
Subject: Re: [golugtech] DMARC mitigation, ezmlm, and [email protected]

On Sun, 2022-09-25 at 02:14 -0700, Rick Moen wrote:

> It is claimed that ezmlm-idx provides a mitigation for the problem.
> I repeat, here and now, my suggestion that you should look into that.

It looks like my Web host, Futurequest, is using ezmlm-idx and has been
for over a decade:
https://www.futurequest.net/forums/showthread.php?t=24961 . Apparently
ezmlm-idx was written by Bruce Guenter, who is employed at Futurequest.
So the remaining questions are:

1) Am I actually using ezmlm-idx?

2) Does ezmlm-idx protect against the stuff you talked about?

So perhaps everything's already good. Or not. I'll try to figure it out later.

SteveT


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]


----- End forwarded message -----
----- Forwarded message from Rick Moen <[email protected]> -----

Date: Sun, 25 Sep 2022 06:38:31 -0700
From: Rick Moen <[email protected]>
To: [email protected]
Subject: Re: [golugtech] DMARC mitigation, ezmlm, and
        [email protected]
Organization: If you lived here, you'd be $HOME already.

Quoting Steve Litt ([email protected]):

> So the remaining questions are:
> 
> 1) Am I actually using ezmlm-idx?
> 
> 2) Does ezmlm-idx protect against the stuff you talked about?

You're a troubleshooter, Steve.  What you need is a test case.

Let's imagine that you have a user on your mailing list using a domain 
with a strongly asserted DMARC policy, say, Steve Litt <[email protected]>.
How do we know that yahoo.com has such a policy?  We look directly at
the DMARC record in yahoo.com's DNS, and verify that it declares p=reject or
p=quarantine as the requested policy for receiving MTAs to apply.

:r! dig -t txt _dmarc.yahoo.com. +short
"v=DMARC1\; p=reject\; pct=100\; rua=mailto:[email protected]\; 
ruf=mailto:[email protected]\;";

Overly aggressive DMARC policy in a sending user's domain's DNS, check.

Now, you need a receiving mailing list member who's at a domain that
_enforces_ other domains' DMARC policies.  GMail will do nicely, so, 
say, Steve Litt <[email protected]> , as the test receiver.

So, now you have Steve Litt <[email protected]> post to the mailing list.
It hits the MLM, and gets registered in the MLM's cumulative traffic
archive (if any).  And now, you can check with relevant subscribers such
as Steve Litt <[email protected]>, to see whether their receiving MTAs
rejected the mailing list copy's remailing to them of Steve Litt
<[email protected]>'s post.

_If_ the MLM's DMARC mitigation is enabled and is the same as Mailman's,
then, upon transit through the MLM to subscribers (and to the archive if
any), the original

  From: Steve Litt <[email protected]>

would get munged by the MLM to

  From: Steve Litt via <[email protected]>

and would have appended this new header:

  Reply-To: Steve Litt <[email protected]>

That is the (altered) form of Steve Litt <[email protected]>'s posting
that would be received by all subscribers including Steve Litt
<[email protected]> -- if the same DMARC mitigation as Mailman's 
is applied.

Hope that helps.




----- End forwarded message -----
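
The test case described in the message above can be scripted. This is an added example, not code from the thread, ezmlm-idx or Mailman: it reads a DMARC TXT record for an enforcing policy, applies a Mailman-style From rewrite, and classifies the copy a subscriber received. The addresses, the list name and the exact "Name via listname" display format are assumptions.

```python
from email import message_from_string
from email.utils import formataddr, getaddresses, parseaddr

# Constructed sample data (not taken from the thread): a `dig +short` style
# DMARC TXT answer and a post from a user in that domain.
SAMPLE_RECORD = r'"v=DMARC1\; p=reject\; pct=100\; rua=mailto:reports@example.com\;"'
POSTER, LIST_ADDR = "poster@example.com", "list@example.org"
SAMPLE_POST = "From: Steve Litt <poster@example.com>\nSubject: test\n\nhello\n"

def parse_dmarc(txt):
    """Return the record's tag=value pairs; dig prints ';' escaped as '\\;'."""
    tags = {}
    for part in txt.strip().strip('"').replace("\\;", ";").split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def policy_is_enforcing(txt):
    """True when the domain asks receivers to reject or quarantine failures."""
    tags = parse_dmarc(txt)
    return tags.get("v") == "DMARC1" and tags.get("p", "").lower() in ("reject", "quarantine")

def relay(raw, list_addr, list_name):
    """Rewrite From to the list address and keep the poster in Reply-To
    (assumed mitigation behaviour, modelled on the description above)."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg["From"])
    reply_to = msg.get_all("Reply-To", []) + [formataddr((name, addr))]
    del msg["From"], msg["Reply-To"]
    msg["From"] = formataddr((f"{name or addr} via {list_name}", list_addr))
    msg["Reply-To"] = ", ".join(reply_to)
    return msg.as_string()

def check_copy(raw, poster, list_addr):
    """Classify a subscriber's received copy of the poster's message."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    replies = {a.lower() for _, a in getaddresses(msg.get_all("Reply-To", []))}
    if sender == list_addr and poster in replies:
        return "munged"
    return "unmodified" if sender == poster else "other"

if __name__ == "__main__":
    print(policy_is_enforcing(SAMPLE_RECORD))
    print(check_copy(relay(SAMPLE_POST, LIST_ADDR, "golugtech"), POSTER, LIST_ADDR))
```

Running `check_copy` on the raw source of the message as delivered to the test subscriber shows whether the list software rewrote the headers; an "unmodified" result for a poster whose domain has an enforcing policy means the mitigation is not active.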
_______________________________________________
luv-main mailing list -- [email protected]
To unsubscribe send an email to [email protected]