Mark Sapiro writes: > On 11/24/18 9:17 PM, Jayson Smith wrote: > > I had a Mailman/DNS problem after upgrading a lot of packages. A > > message came in, Mailman couldn't properly look up the DMARC > > policy of the sending ISP, didn't munge the From: and sent the > > message on its way... > > What was the lookup issue? I.e., what were the messages in Mailman's > error and maybe vette logs? What Mailman version is this?, beginning > with Mailman 2.1.25, some failures in DNS lookups of DMARC policy result > in mitigations being applied.
Another possibility would be to cache the results, as a fallback to the DNS lookup. If the cache hit rate is high enough (as it would be for members-only lists -- the member test would be done first), this should reduce DMARC lookup failures to near zero, which would allow either mitigation-on-failure or quarantine-on-failure strategies by default. A more complex approach would be to lookup in the cache first and trust it until the original lookup expires. Both approaches would have to be opt-in, of course. I don't think either the space impact or performance impact would be very great. A brief RFE for Mailman 3 (which keeps a much more extensive database, so is more likely to implement) is in https://gitlab.com/mailman/mailman/issues/527. Steve -- Associate Professor Division of Policy and Planning Science http://turnbull.sk.tsukuba.ac.jp/ Faculty of Systems and Information Email: turnb...@sk.tsukuba.ac.jp University of Tsukuba Tel: 029-853-5175 Tennodai 1-1-1, Tsukuba 305-8573 JAPAN ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org