On 27/03/2021 21:00, Wolfgang Rosenauer via mailop wrote: > Am 27.03.21 um 18:15 schrieb John Levine via mailop: >> It appears that Wolfgang Rosenauer via mailop >> <[email protected]> said: >>> Yes, there are such cases but I don't think they apply for this list. >>> >>> Yes - the list breaks DKIM (which is already something which should be >>> avoided since I do not see a need to modify the body with a footer >> >> It adds subject tags, too. There are good reasons that lists modify >> the messages. > > Really better reasons than keeping authenticity measurements in place? > I would say that's debatable. > >>> But SPF passes in general for mails from that list because the sender is >>> @mailop.org (not many lists do it like this though). >>> Because of the above SPF is even "aligned" and therefore DMARC passes >>> that message. >> >> Sorry, that's just wrong. For DMARC, SPF alignment means the MAIL FROM >> domain matches the From domain. > > And? > From your mail: > Return-Path: <[email protected]> > From: John Levine via mailop <[email protected]> > dmarc=pass (policy=none) header.from=mailop.org; > because the mail was received from 2a03:4000:37:599:d8ce:dff:fee1:81c2 > which is permitted by the mailop.org SPF policy. > > So what in my statement was "wrong"? > >>> What I'm missing nevertheless as another mitigation on that list is an >>> ARC-Message-Signature and an ARC-Seal from the listserver. >> >> Mailman 2 doesn't do ARC. For that they need Mailman 3 or Sympa. > > I didn't analyze why it's not in place but just stated that it isn't.
I have recently assisted FreeBSD mailing lists migration from Mailman 2 as Python 2 has become totally deprecated. We have decided to keep all stuff for authentication and messages modifications inside Rspamd, well, mainly because I can modify Rspamd to implement all features required more or less easily. So far, we do all DKIM signing, ARC signing and even DMARC munging within Rspamd only[1]. Therefore, any mailing list solution can be used to serve ML traffic, even a most simple ones. I have prepared a small presentation about that and several other things [2] a couple of years ago (I'd like to say sorry in advance for my poor English). Messages modification framework has made quite a significant progress since that presentation. [1]: https://github.com/rspamd/rspamd/issues/3647 [2]: https://papers.freebsd.org/2019/fosdem/stakhov-rspamd_freebsd/ _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
