Re: DMARC: perspectives from a listadmin of large open-source lists

Sabahattin Gucukoglu <> Tue, 08 April 2014 05:06 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id AE2F51A010C for <>; Mon, 7 Apr 2014 22:06:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id T8oEUhkt0WW8 for <>; Mon, 7 Apr 2014 22:06:40 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id D21441A010B for <>; Mon, 7 Apr 2014 22:06:39 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; CHARSET=US-ASCII
Received: from [] ( []) by (Oracle Communications Messaging Server 7u4-27.08( 64bit (built Aug 22 2013)) with ESMTPSA id <> for; Tue, 08 Apr 2014 05:06:33 +0000 (GMT)
Subject: Re: DMARC: perspectives from a listadmin of large open-source lists
From: Sabahattin Gucukoglu <>
In-reply-to: <alpine.BSF.2.00.1404072357400.73388@joyce.lan>
Date: Tue, 08 Apr 2014 06:06:27 +0100
Message-id: <>
References: <> <alpine.BSF.2.00.1404072357400.73388@joyce.lan>
To: John Levine <>
X-Mailer: Apple Mail (2.1510)
X-CLX-Spam: false
X-CLX-Score: 1011
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.96, 1.0.14, 0.0.0000 definitions=2014-04-08_02:2014-04-07, 2014-04-08, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1404070317
Cc: IETF general list <>, "Robin H. Johnson" <>,
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 08 Apr 2014 05:06:45 -0000

On 8 Apr 2014, at 05:21, John R Levine <> wrote:
> Mailing list apps can't "implement DMARC" other than by getting rid of every feature that makes lists more functional than simple forwarders. Given that we haven't done so for any of the previous FUSSPs that didn't contemplate mailing lists, because those features are useful to our users, it seems unlikely we'll do so now.

Well,  Mailman 2.1.16 has the FROM_IS_LIST feature that "Fixes" the problem by putting the list address in the From: field.  That seems to work, except that you lose information (the sender's address) if the list wants to operate a policy of "Reply goes to list".  You can then assure that DKIM signatures are valid and set up SPF, etc.  This also has the effect of letting you operate through the various cloud email platforms that try to validate sender addresses.

But I agree it's broken.