dovecot - Feb 2019 - offtopic: rant about thoughtless enabling DMARC checks

On 10/02/2019 12:49, Benny Pedersen via dovecot wrote:
> fixing mailman will be the fail, solve it by letting opendkim and opendmarc
not reject detected maillist will be solution,
A general broad mailing list whitelist will be problematic, do work it
needs to look for specific list type hidden headers,  spammers and
nasties will incorporate those headers into their trash that
impersonates mailing lists and voila, they pass. there is no quick and
easy fix to the dmarc mess other than p=none aspf=s (DKIM is another one
that gets narky at lists, and despite all the spf haters dreams, I've
never had a problem with spf and lists, and we were an early beta
adopter of spf) 

-- 
Kind Regards, 

Noel Butler 

 		This Email, including any attachments, may contain legally privileged
information, therefore remains confidential and subject to copyright
protected under international law. You may not disseminate, discuss, or
reveal, any part, to anyone, without the authors express written
authority to do so. If you are not the intended recipient, please notify
the sender then delete all copies of this message including attachments,
immediately. Confidentiality, copyright, and legal privilege are not
waived or lost by reason of the mistaken delivery of this message. Only
PDF [1] and ODF [2] documents accepted, please do not send proprietary
formatted documents 

 

Links:
------
[1] http://www.adobe.com/
[2] http://en.wikipedia.org/wiki/OpenDocument
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20190211/3ff4a535/attachment-0001.html>

On 2/10/19 3:42 PM, Noel Butler via dovecot wrote:
> On 10/02/2019 12:49, Benny Pedersen via dovecot wrote:
> 
>>
>> fixing mailman will be the fail, solve it by letting opendkim and 
>> opendmarc not reject detected maillist will be solution,
> 
> 
> A general broad mailing list whitelist will be problematic, do work it 
> needs to look for specific list type hidden headers,? spammers and 
> nasties will incorporate those headers into their trash that 
> impersonates mailing lists and voila, they pass.
However the majority of spammers do not spam with a properly configured 
Reverse DNS - so detect the list header and skip DMARC if list headers 
are present AND Reverse DNS matched the HELO/EHLO

On 2/10/19 3:46 PM, Michael A. Peters via dovecot wrote:
> On 2/10/19 3:42 PM, Noel Butler via dovecot wrote:
>> On 10/02/2019 12:49, Benny Pedersen via dovecot wrote:
>>
>>>
>>> fixing mailman will be the fail, solve it by letting opendkim and 
>>> opendmarc not reject detected maillist will be solution,
>>
>>
>> A general broad mailing list whitelist will be problematic, do work it 
>> needs to look for specific list type hidden headers,? spammers and 
>> nasties will incorporate those headers into their trash that 
>> impersonates mailing lists and voila, they pass.
> 
> However the majority of spammers do not spam with a properly configured 
> Reverse DNS - so detect the list header and skip DMARC if list headers 
> are present AND Reverse DNS matched the HELO/EHLO
> 
Also, DMARC isn't really anti-spam technology, it's anti-spoof
technology.

Rather than fake mail list headers, spammers will just use domains w/o a 
DMARC policy. Much easier.

On 11/02/2019 09:46, Michael A. Peters via dovecot wrote:

> 
> 
> However the majority of spammers do not spam with a properly configured 
> Reverse DNS - so detect the list header >and skip DMARC if list headers 
> are present AND Reverse DNS matched the HELO/EHLO
> 

A hell of a lot do, though (this is pretty average percentages here)

Accepted 70.07%
Rejected  29.93%
-----------------
Total      100.00%
============
5xx Reject relay denied 4.27%
5xx Reject unknown user 7.93%
5xx Reject sender address 7.32%
5xx Reject unknown client host 52.44%
5xx Reject RBL 3.66%
5xx Reject milter 24.39%
========================Total 5xx Rejects 100.00%

unknown client host was high as 95% up till about 10 years ago, so they 
are slowly learning.




-- 
Kind Regards,

Noel Butler

This Email, including any attachments, may contain legally privileged
information, therefore remains confidential and subject to copyright
protected under international law. You may not disseminate, discuss, or
reveal, any part, to anyone, without the authors express written 
authority
to do so. If you are not the intended recipient, please notify the 
sender
then delete all copies of this message including attachments, 
immediately.
Confidentiality, copyright, and legal privilege are not waived or lost 
by
reason of the mistaken delivery of this message. Only PDF and ODF 
documents
accepted, please do not send proprietary formatted documents