On 04/09/2016 11:56 AM, Cedric Knight wrote: > On 23/05/15 22:45, Allan Hansen wrote: >> I have waited almost a year for AOL and Yahoo to admit that they >> messed up and to remove their DMARC policy. > > Me too. Sadly, Yahoo has recently (28 March) compounded their mess, > probably necessitating an update to workarounds on some Mailman > installations.
This should have no effect on Mailman 2.1.18+ installations since the deprecated 'from_is_list' mitigations apply to all list mail and the recommended 'dmarc_moderation_action' mitigations already check the From: domain's DMARC policy. There is one bug at <https://bugs.launchpad.net/mailman/+bug/1549420> that is fixed in 2.1.21. Prior to that, if a message was From: a subdomain of an 'organizational domain' and the subdomain didn't publish a DMARC policy, the organizational domain wasn't checked for dmarc_moderation_action. Beginning in 2.1.21 it is checked. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
