:: Re: [DNG] Excessive bounces
Página Inicial
Delete this message
Reply to this message
Autor: Daniel Abrecht
Data:  
Para: dng
Assunto: Re: [DNG] Excessive bounces
I'm sorry, I'm using DMARC, and I didn't get the DMARC report about the
bounced mails, probably because I forgot a DMARC DNS entry for the
report receiving mail address. I have changed my DMARC policy from
reject to quarantine for now.

That said, I won't remove the DMARC record completely, and I plan to
switch my DMARC policy back to reject after this issue has been
resolved. A lot of people claim that DMARC won't work with mailing
lists, but this isn't correct, it's just that most mailing lists aren't
configured in a way that makes DMARC usable, (and no, changing the from
address isn't the correct solution.)

I use DMARC and believe it to be necessary because it allows me to:
1) Make sure nobody can use my E-Mail address to impersonate me or send
spam
2) I will be notified if anyone attempts to do so
3) The recipient can check if the message content was changed

That said, the correct way to deal with DKIM, SPF and DMARC protected
mails is to:
1) Provide an SPF record. This mailing list doesn't seam to have one
2) Don't change anything from the message below the DKIM headers, add
the other headers before the DKIM signature instead. This will also
solve the problem that some mail clients like the android mail client
don't display text-only mails correctly.

In think the email body, subject and from header shouldn't be altered
anyway. Of course, changing the from header and removing the DKIM header
would avoid the problem as well, but I'm against that solution since it
obscures who wrote the mail.

I haven't done much with mailman yet, so I don't know how it needs to be
configured or if it can even be configured that way. I'll take a look at
mailman in a few weeks.

I've attached two versions of an email I've sent to the list earlier.
The first one contains the message as I received it again from the list.
The second one is edited in such a way that the added headers and the
original message body are preserved and the DKIM check succeeds, only
the added mailing list signature was removed.

Daniel Abrecht