Or better yet, strip the DKIM record and resign it with your own key. Bottom line, end of the matter is, your list, your responsibility. The traffic needs to be seen as coming from you, but with enough details to identify the original author for auditing and forensics.
Aloha, Michael. -- Sent from my Windows Phone ________________________________ From: Dave Warren<mailto:da...@hireahit.com> Sent: 2/12/2015 9:39 PM To: mailop@mailop.org<mailto:mailop@mailop.org> Subject: Re: [mailop] help with running a listserv and DMARC On 2015-02-12 16:35, Michael Orlitzky wrote: > On 02/12/2015 01:26 PM, Michael Wise wrote: >> You need to rewrite the From: Header. >> > To elaborate: if you send a message claiming to be From: u...@aol.com, > it's going to be rejected by anyone who checks their DMARC policy. > Because you aren't AOL. Rewrite the header so it says "From: > your-listserv on behalf of u...@aol.com <l...@example.com>". Then the > recipient won't care about AOL's DMARC policy. Or if the message is DKIM signed with a restrictive DMARC policy, just don't modify the message. If you're not modifying the subject or adding a footer or whatever, a message can successfully pass through a mailing list with DKIM signature intact. This isn't necessarily compatible with all mailing lists though, for obvious reasons. Such is life. Personally, I have no problem mangling or blocking messages from users using a domain with a restrictive DMARC policy as needed. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren _______________________________________________ mailop mailing list mailop@mailop.org http://chilli.nosignal.org/mailman/listinfo/mailop
_______________________________________________ mailop mailing list mailop@mailop.org http://chilli.nosignal.org/mailman/listinfo/mailop
