Am 27.03.21 um 18:15 schrieb John Levine via mailop:
It appears that Wolfgang Rosenauer via mailop <[email protected]> said:Yes, there are such cases but I don't think they apply for this list.Yes - the list breaks DKIM (which is already something which should be avoided since I do not see a need to modify the body with a footerIt adds subject tags, too. There are good reasons that lists modify the messages.
Really better reasons than keeping authenticity measurements in place? I would say that's debatable.
But SPF passes in general for mails from that list because the sender is @mailop.org (not many lists do it like this though). Because of the above SPF is even "aligned" and therefore DMARC passes that message.Sorry, that's just wrong. For DMARC, SPF alignment means the MAIL FROM domain matches the From domain.
And? From your mail: Return-Path: <[email protected]> From: John Levine via mailop <[email protected]> dmarc=pass (policy=none) header.from=mailop.org;because the mail was received from 2a03:4000:37:599:d8ce:dff:fee1:81c2 which is permitted by the mailop.org SPF policy.
So what in my statement was "wrong"?
What I'm missing nevertheless as another mitigation on that list is an ARC-Message-Signature and an ARC-Seal from the listserver.Mailman 2 doesn't do ARC. For that they need Mailman 3 or Sympa.
I didn't analyze why it's not in place but just stated that it isn't. Wolfgang
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
