On 21/03/20 4:06 am, Wietse Venema wrote:
Would it help if the postfix list used "dmarc mitigation" so that the From header does not contain your email address:
Well, in this particular case I'm seeing three messages from Jaroslaw end up in spam. Google says that all three pass DMARC and DKIM and SPF is neutral. Also in this particular case the DKIM signature includes the From: header, so DMARC mitigation would actually have invalidated DKIM.
While I think that DMARC mitigation will help I don't think it would have in this particular case. At a best guess a proper SPF record likely would have helped.
At the end of the day, I think both DMARC and SPF mitigation along with adding your own DKIM signature will help. In the case that DMARC mitigation is needed and there is an existing DKIM signature that will be invalidated by it then the existing sig would need to be removed as well.
I think the days of just forwarding messages through are over and we're in an era where mailing lists basically have to take full ownership of any messages they forward, so SPF, DKIM and DMARC policies that come from the list server and not from the original poster unless they can still pass.
This may well be the end of the line for the majordomo-based list server.
I do believe that there are ways of doing the mitigations from postfix and still retain mailman, but it may be a lot easier to simply switch to mailman.
Peter
