It is a well known limitation of DMARC that there are some legitimate sending practices that it does not and cannot describe. Mailing lists are the leading example, but there are others like mail an article from a newspaper's web site. If Yahoo can't get this right, we're all in trouble.The fault lies on both sides: Mail lists do two things that make life difficult: 1. Attaching trailing boilerplate to every message, which breaks the dkim signature, unless the poster's system puts the length attribute into the sig, which is frowned on (but I do it anyway). 2. Adding a tag to the subject line. There appears to be nothing that a sender can do to avoid this or keep the dkim sig valid.
As has been discussed about a million times over the past 15 years, it is not a bug that mailing lists modify the messages, they've been doing it forever, and they're not going to stop just because the FUSSP du jour can't cope with it.
On the other hand, neither the DMARC spec nor implementations contemplate coping with mailing lists, which makes it all but impossible for DMARC ever to be used in practice to reject messages.
As has been discussed in painful detail on this very list, there are plenty of circumstances in which p=reject makes sense, but a public mail system with human users is not one of them.
Regards, John Levine, [email protected], Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
