On Sat, Jan 17, 2015 at 01:20:58PM -0500, Gene Cumm wrote:> On Sat, Jan 17, 2015 at 12:56 PM, Patrick Masotta wrote: > > On Sat, 2015-01-17 Geert Stappers wrote: > > > If 1 person with a yahoo.com e-mail adres does reply on this > > > message, then we have test result for the setting that was changed > > > wednesday. > > > > test > > Patrick, > > Due to Yahoo!'s DMARC, you probably didn't see the other two tests I > already sent as I didn't see this reply of yours in my Yahoo! account, > both of which appeared to be Base64 encoded (though sending to my > GMail they were not). I do see yours is actually plain textIt is the From: header that had be rewritten by Mailman when getting messages from domain with DMARC policy set to reject. ( example given: yahoo.com ) The test showed it wasn't rewritten. :-( The version of Mailman that Syslinux is using should be able to do it. Why it doesn't, is unclear to me. ( I don't have shell access to the involved server ) Neither I don't have the power to order further research on what is going on. I can only ask for further for research why Mailman is not acting upon 'dmarc_moderation_action' settings. @Patrick: Thank you for the good test data. Due the fact that you Cc-ed me, I could compare what sent direct to me and what got through the mailinglist. ( No From header munging, both where Content-Type: 7bit ) Groeten Geert Stappers -- Leven en laten leven ------------- volgend deel ------------ Een niet-tekst bijlage is gescrubt... Naam: signature.asc Type: application/pgp-signature Grootte: 836 bytes Omschrijving: Digital signature URL : <http://www.zytor.com/pipermail/syslinux/attachments/20150117/d77c188b/attachment.sig>
Maybe this[1] page, option 3.C. That strikes me as attractive, if only the mailing-list software can easily support it. (Or be hacked to support it; I'm willing to try.) Or, the "From" could be the mailing-list, the "Reply-To" could be the author, then the "CC" could be the mailing-list plus original "CC" addresses. If someone hits the "Reply" button on their key-panel, they reach the author. If someone hits "Reply All", the mailing-list also grabs it. If someone hits "Reply List", it's because their e-mail program is smart like that. Ultimately, I don't think counter-measures against spoofing "From" are going away any time soon. - Shao Miller [1] http://www.dmarc.org/faq.html#s_3
On Thu, Jan 22, 2015 at 10:29:13PM -0500, Shao Miller wrote:> Maybe this[1] page, option 3.C. That strikes me as attractive, if > only the mailing-list software can easily support it. (Or be hacked > to support it; I'm willing to try.) > > Or, the "From" could be the mailing-list, the "Reply-To" could be > the author, then the "CC" could be the mailing-list plus original > "CC" addresses. If someone hits the "Reply" button on their > key-panel, they reach the author. If someone hits "Reply All", the > mailing-list also grabs it. If someone hits "Reply List", it's > because their e-mail program is smart like that.On friday morning, in UTC+1, was 'From' set to "Wrap message". Sunday afternoon, also UTC+1 was 'From' set to "Munge From". In Mailman is that described as: Munge From This action replaces the poster's address in the From: header with the list's posting address and adds the poster's address to the addresses in the original Reply-To: header. That matches option B from [1]. Quoting that URL Replace From: address, set Reply-To: to message author Change the RFC5322.From address to an address within the mailing list's domain user at example.com => address at mailinglistdomain.com Set or change the RFC5322.ReplyTo address to the message author> Ultimately, I don't think counter-measures against spoofing "From" > are going away any time soon.And "the pessimistic me" feels the need to warn about communication killers being named spam figthers ...> > - Shao Miller > > [1] http://www.dmarc.org/faq.html#s_3Groeten Geert Stappers -- Leven en laten leven ------------- volgend deel ------------ Een niet-tekst bijlage is gescrubt... Naam: signature.asc Type: application/pgp-signature Grootte: 836 bytes Omschrijving: Digital signature URL : <http://www.zytor.com/pipermail/syslinux/attachments/20150125/d802b729/attachment.sig>