IETF Logo Mail Archive

Re: DMARC methods in mailman --- [LEDE-DEV] DMARC related mass bounces / disabled subscriptions (fwd) Jo-Philipp Wich: [LEDE-DEV] DMARC related mass bounces / disabled subscriptions

Viktor Dukhovni <ietf-dane@dukhovni.org> Mon, 19 December 2016 18:16 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BDF012958E for <ietf@ietfa.amsl.com>; Mon, 19 Dec 2016 10:16:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lt5Z2mh_bYNG for <ietf@ietfa.amsl.com>; Mon, 19 Dec 2016 10:16:09 -0800 (PST)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48DA4129571 for <ietf@ietf.org>; Mon, 19 Dec 2016 10:09:32 -0800 (PST)
Received: from [172.31.30.83] (gzac12-mdf2-1.aoa.twosigma.com [208.77.215.155]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mournblade.imrryr.org (Postfix) with ESMTPSA id 10C75284AD8 for <ietf@ietf.org>; Mon, 19 Dec 2016 18:09:31 +0000 (UTC) (envelope-from ietf-dane@dukhovni.org)
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
Subject: Re: DMARC methods in mailman --- [LEDE-DEV] DMARC related mass bounces / disabled subscriptions (fwd) Jo-Philipp Wich: [LEDE-DEV] DMARC related mass bounces / disabled subscriptions
Date: Mon, 19 Dec 2016 13:09:29 -0500
References: <20161218220828.14035.qmail@ary.lan> <b3da92dd-b0b8-a6c0-8d69-e733ad3e5fc6@gmail.com> <alpine.OSX.2.11.1612182027050.19818@ary.qy> <1ffbca1e-a08a-1551-ea56-eef1b78e2037@gmail.com> <E7616959-2814-45EC-9CFE-3189C2F27D57@dukhovni.org> <5144.1482170375@obiwan.sandelman.ca>
To: IETF general list <ietf@ietf.org>
In-Reply-To: <5144.1482170375@obiwan.sandelman.ca>
Message-Id: <377D7941-6290-467F-803F-93BD84F85D95@dukhovni.org>
X-Mailer: Apple Mail (2.3259)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/-28ilDsgxy7qq51MXrOJSQY2bt0>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Dec 2016 18:16:10 -0000

> On Dec 19, 2016, at 12:59 PM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> 
>> A third choice is to configure the list to neither add footers, nor
>> modify the subject line.  At which point you're no longer breaking DKIM
>> signatures, and DMARC passes.
> 
> I don't understand how it can "pass".
> It's still arriving from an IP address not listed in the SPF, claiming to be
> From the provider.

It passes DKIM, which is sufficient.  SPF checks the envelope, and the list
replaces the envelope sender with the list owner address, so SPF also passes
(for the envelope sender, while DKIM validates the RFC2822.From).

-- 
	Viktor.

v2.23.0 | Report a Bug | By Email