subject:"Re\: \[Mailman\-Users\] DMARC issue with Mailman List"

Re: [Mailman-Users] DMARC issue with Mailman List

2017-03-21 Thread Stephen J. Turnbull

Mark Sapiro writes:

 > > Our configuration is that our web site integration with PayPal has PayPal
 > > sending confirmation emails to a mailman list called treasurer-alias, so
 > > that multiple people are aware of the PayPal transaction.
 > 
 > PayPal.com publishes DMARC p=reject. Your treasurer-alias list makes
 > some message transformation such as adding a footer or subject prefix
 > that breaks PayPal's DKIM signature. Therefore recipient list member's
 > ISPs that honor DMARC will reject the message.
 > 
 > See  items 1) and 2) for ways to deal
 > with this. If your Mailman is 2.1.18+, I suggest setting Privacy
 > options... -> Sender filters -> dmarc_moderation_action to Munge From.

I recommend against that, since this is exactly the transactional
mailflow that DMARC "p=reject" was designed for.  Munge From makes it
difficult-to-impossible to verify mail apparently from PayPal without
ARC, which probably is not available on your site yet.

On the other hand, I suppose that there are few members of
treasurer-alias, and they would probably be willing to accept this
mailflow without the usual Subject tags and footer.  So the annoyance
level should not be huge if they were omitted.  So, I recommend that
you configure your list not to touch the Subject and body instead.

Steve
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] DMARC issue with Mailman List

2017-03-16 Thread Mark Sapiro

On 03/16/2017 06:20 AM, Terry Lund wrote:
> We are getting the following error for one of our users in one of our
> mailman lists. I've tried to figure out if one of the configuration options
> in Privacy Rules can be used to address this issue, but I am afraid I am
> not real clear on the implications of the relevent DMARC related
> parameters. Any insight or assistance would be much appreciated.
> 
> Our configuration is that our web site integration with PayPal has PayPal
> sending confirmation emails to a mailman list called treasurer-alias, so
> that multiple people are aware of the PayPal transaction.


PayPal.com publishes DMARC p=reject. Your treasurer-alias list makes
some message transformation such as adding a footer or subject prefix
that breaks PayPal's DKIM signature. Therefore recipient list member's
ISPs that honor DMARC will reject the message.

See  items 1) and 2) for ways to deal
with this. If your Mailman is 2.1.18+, I suggest setting Privacy
options... -> Sender filters -> dmarc_moderation_action to Munge From.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] DMARC issue with Mailman List

Re: [Mailman-Users] DMARC issue with Mailman List

2 matches

Site Navigation

Mail list logo

Footer information