[opendmarc-dev] draft: patch to implement an override mechanism for MLMs
Steven M Jones
smj+opendmarc at crash.com
Tue Oct 24 02:31:35 PDT 2017
On 10/24/2017 01:54, Marco Favero wrote:
>
> Hello,
Hi Marco, thanks for offering a suggestion.
> another drastic hint that could help to softly implement DMARC is to
> not enforce DMARC for mailing lists at all.
> In others words, automagically apply this patch for every client host
> that is sending a mail with a List-* header.
Okay, but what happens when spammers - some of whom monitor open source
projects like OpenDMARC - notice that they will be allowed through if
they just add one or more List-* headers to their messages? They'll add
those headers, and happily send through your filter.
If you make more checks for headers that common MLMs put into their
messages (Errors-To:, X-BeenThere:, X-Mailman-Version:) they'll add
those headers too.
This is why mailing list overrides are usually based on combinations of
whitelists, DKIM signatures, direct connection from the list servers, etc.
Apologies if I missed something, it's been a while since I read the
message you were quoting. If there's additional context that makes this
viable, please explain.
Thanks,
--S.
More information about the opendmarc-dev
mailing list