On 10/17/2017 10:55 AM, Christian F Buser via Mailman-Users wrote:
I can perfectly follow your thoughts and arguments, they appear to be
justified and reasonable.
Thank you. I tried to make them so that people could understand, even
if they choose to disagree.
However, could you please elaborate whether Mailman (version 2.x or
3.x) or any other mailing list software really follows your ideas?
Yes!!! Mailman (and other MLMs) /can/ be configured to be SPF / DKIM /
DMARC compliant!
If it is just a question of the setup for the mailing list, I would
expect your instructions on how to set it up properly.
I don't have the exact step by step details. - I'm sure others
(Mark...) on this list can give specifics on /how/ to configure Mailman.
The high level as I understand it is to do the following:
1) Set dmarc_moderation_action to munge From header.
2) Set REMOVE_DKIM_HEADERS to Yes (1) or 2 or 3.
3) Send messages from the list address. I recommend VERP.
Doing those three things ensures that messages leaving the mailing list
do not violate the original sending domain's SPF / DKIM / DMARC security
settings.
I would suggest that you also consider adding SPF / DKIM / DMARC for the
domain of the mailing list to apply similar protections to outgoing
messages. However that is not necessary to avoid undesired bounces.
Thank you, Christian
You're welcome.
--
Grant. . . .
unix || die
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
