Re: [Mailman-Users] Mailman & DMARC question

2018-11-05 Thread Jim Popovitch via Mailman-Users
On Mon, 2018-11-05 at 10:07 -0600, David Gibbs wrote:
> My quandary is: Is there any risk in implementing my own more
> restrictive DMARC policy?
> 
> Currently my DMARC policy is 'p=none' ... but I'd like to change that
> to 'p=quarantine'.
> 
> Is there any risk running mailing lists from a domain with that DMARC
> policy?
> 
> My theory is that there isn't ... since DMARC is mainly concerned with
> the from address and, as long as mail sent from my domain aligns with
> the DMARC policy, everything should be good.
> 
> Is this correct ... or am I missing something?

You are correct, as long as the SPF and DKIM align you can set a
restrictive DMARC policy.  In addition to your p=none, you should add
ruf= and rua= stanzas so that you can see today what impact your present
DMARC settings have.

DMARC on your list domain will also help with any delivery issues for
list notifications, as well as any DMARC wrapped posts.

Further, you can test your setup by creating a test list, and then
subscribing and sending a list email to any of these:

  check-a...@verifier.port25.com 
  autore...@dmarctest.org
  autorespond+d...@dk.elandsys.com
  ch...@dmarcanalyzer.com
  checkmya...@auth.returnpath.net

-Jim P.

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org


[Mailman-Users] Mailman & DMARC question

2018-11-05 Thread David Gibbs

Folks:

I need a confirmation of a theory regarding Mailman (well, mailing lists in 
general) and DMARC.

After updating to a version of MM that supports handling domains with DMARC 
policies, everything seems to be working OK.

My quandary is: Is there any risk in implementing my own more restrictive DMARC 
policy?

Currently my DMARC policy is 'p=none' ... but I'd like to change that to 
'p=quarantine'.

Is there any risk running mailing lists from a domain with that DMARC policy?

My theory is that there isn't ... since DMARC is mainly concerned with the from 
address and, as long as mail sent from my domain aligns with the DMARC policy, 
everything should be good.

Is this correct ... or am I missing something?

Thanks!

david

--
IBM i on Power Systems: For when you can't afford to be out of business!

I'm riding 615 miles (Yes, you read that right) in the American Diabetes 
Association's Tour de Cure to raise money for diabetes research, education, 
advocacy, and awareness.  You can make a tax deductible donation to my ride by 
visiting https://gmane.diabetessucks.net.

You can see where my donations come from by visiting my interactive donation 
map ... https://gmane.diabetessucks.net/map (it's a geeky thing).

I may have diabetes, but diabetes doesn't have me!

--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org