On Tue, May 16, 2023 at 10:15:35PM -0400, Bill Cole via Postfix-users <postfix-users@postfix.org> wrote:
> On 2023-05-16 at 21:09:35 UTC-0400 (Wed, 17 May 2023 09:09:35 +0800) > Tom Reed via Postfix-users <t...@dkinbox.com> > is rumored to have said: > [...] > > Since the message was sent to mailing list which rewrites envelope > > address > > and adds list signature, so: > > > > 1) SPF for header From: address won't get pass due to SRS. > > 2) DKIM won't get pass due to list signature. > > > > So the DMARC failed totally and the message was rejected. > > > > How to improve this? > > Do not reject mail solely based on DMARC failure. > > DMARC is fragile and unreliable. It has WELL-KNOWN incompatibilities with > traditional mailing list practices. The fact that DMARC exists does not > imply that it is entirely usable as deployed. > > -- > Bill Cole > b...@scconsult.com or billc...@apache.org > (AKA @grumpybozo and many *@billmail.scconsult.com addresses) > Not Currently Available For Hire Yes, it's best to let receiving MUAs deal with DMARC failures, rather than mail servers (which should just add Authentication headers). Then individual mail users can decide how they personally want to deal with it. cheers, raf _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
