Barry Warsaw writes: > For #1 you would have a rule that can answer the question of DMARC > disposition. Rules output binary results,
This is somewhat problematic. DMARC results are potentially trivalent. If action is "reject" and pct is less than 100, some hits are "rejects" and some are "quarantine". Misses are misses. So I guess you do this with a chain of two rules, the first one verifying the message and if that hits (ie, verification fails) the second one rolls the dice for pct. > and if this rule hits, it would run an action, probably to discard > the message, although it could also hold it or reject/bounce it. Silent discards without content analysis make me queasy. I guess we can work around that by doing DMARC checks after the content checks, although the draft implies the DMARC checks should be done early. Or we could reject, but unfortunately we can't reject in the SMTP transaction, so we need to issue a DSN. That makes me really queasy, because DSNs for illegitimate mail suck all around. In case of a quarantine, maybe this should go into a separate queue that silently waits for a moderator to look at the messages, and discards them after a reasonable period of time (maybe two weeks?) So they'd be there if somebody asks for a lost message, but otherwise no bother. Steve _______________________________________________ Mailman-Developers mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
