On 04/14/2014 06:46 AM, Joseph Brennan wrote: > > It finally occurred to me that this affects routine forwarding too. Even > if you implement SRS on the envelope, the header From is left alone, as > per RFC 5322.
Not necessarily. If the message is actually from Yahoo, it will be DKIM signed with d=yahoo.com, and if the forward doesn't break that sig, the message will pass DMARC. > It also affects a message from any of our users who authenticates with > our user and password but prefers to send with a yahoo.com From line. Yes, This is exactly what DMARC is trying to prevent. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
