Public bug reported:
An address ending with "@reply.yahoo.com" posted a message to a list
that has "dmarc_moderation_action" set to "Munge From".
This causes IsDMARCProhibited() in Utils.py to lookup TXT records for
"_dmarc.reply.yahoo.com". It finds none, so Mailman does not apply the
munging.
However, in this situation, DMARC "clients" apparently need to look "up
the chain" at "_dmarc.yahoo.com". See RFC 7489 section 4.3 point 7, and
section 6.6.3 point 3 ("Organizational Domain"), and here's an example
of it in action:
https://dmarcian.com/dmarc-inspector/reply.yahoo.com
The result of this bug is that mail from a subdomain like
"@reply.yahoo.com" does not get munged, but does get rejected downstream
by yahoo.com/gmail.com etc. for failing DMARC policy.
(I'm using Mailman 2.1.20.)
** Affects: mailman
Importance: Undecided
Status: New
** Tags: dmarc
--
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1549420
Title:
DMARC munging fails on subdomains that use parent domain policy
To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1549420/+subscriptions
_______________________________________________
Mailman-coders mailing list
[email protected]
https://mail.python.org/mailman/listinfo/mailman-coders
