On 12/12/18 11:35 AM, Bernie Cosell wrote: > I have two questions about the DKIM/spf munging that mailman does. > > First: when it replaces the 'from' with a munged address [replacing the name > with "name via thislist" does it stick the original email address somewhere > in the > message, so if a listmember wanted to reply to the original sender they'd be > able > to? I thought it did but I just looked through one and didn't see the > poster's > original email. [actually, let me amend that: I see that his email addr is > in the 'cc' > field -- did mailman do that or did he?]
Mailman did that. Mailman puts the original From: address in either Cc: or Reply-To:; which one depends on other list settings. The intent is that a reasonably comliant MUA will do the same thing with 'reply' and 'reply all' whether or not the From: is munged. This generally means the original From goes in Reply-To: unless the list mungs the Reply-To: in which case it goes in Cc: > Second, I'm a bit shaky [to say the least..:o)] about how the DKIM stuff all > works. > I do have access to Unix shell account, so I can do dig and host and such. > If a > listmember asks me if "@randomserver.com" is OK to not-get-munged when it > posts to the list, what would I do? Thanks This is actually, DMARC, not DKIM per se, but use 'dig' or some other DNS query tool to look up a TXT record associated with the name _dmarc.randomserver.com. For example dig txt _dmarc.aol.com finds "v=DMARC1; p=reject; pct=100; rua=mailto:d...@rua.agari.com; ruf=mailto:d...@ruf.agari.com;"; host -t txt _dmarc.aol.com returns the same text. What you are looking for is 'v=DMARC1' which says this is a DMARC policy record and then the p= value which is the policy which is one of 'reject', 'quarantine' or 'none'. If your list is set with dmarc_moderation_action other than accept, that action will be applied to mail From: domains with a policy of 'reject' and possibly 'quarantine' or 'none' depending on the settings of dmarc_quarantine_moderation_action and dmarc_none_moderation_action. Also, if the From: domain is not what is known as an organizational domain, e.g., some.subdomain.aol.com and that domain doesn't publish a DMARC policy, you then have to look up the policy of the organizational domain. For common TLDs like .com, .net, .gov, .org, .edu, etc. the organizational domain is just the top two levels, e.g. python.org, aol.com, etc. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
