On Wed 22/Jun/2022 13:31:49 +0200 Slavko via mailop wrote:
Dňa Tue, 21 Jun 2022 17:17:47 +0200 Alessandro Vesely via mailop
<[email protected]> napísal:
From: munging turned out to be the best way that SMTP+DKIM+DMARC go
together. I understand that those who miss unmunging can feel
slightly annoyed.
If i properly understand the unmunge term, how to unmunge eg. your
latest response? In your message is nothing about original sender (nor
in From: nor in Sender: header, nor their X-* forms), except the
Reply-To: header, do you mean to switch From: <-> Reply-To:?
Yup, that seems to have become a de facto standard. However, I also set an
Author: header field, just in case.
While i am able to setup a lot of things on my MTA, i consider to do
something as switch headers on per-list base as out of (my) interest, as
it will be unmanageable soon.
My filter tries every message; it's not list-specific.
In theory (i never tried this) i can setup it in sieve on per-user base,
but i afraid to rely on Reply-To: header.
Besides Author: and Reply-To: one can also check Cc: and [X-]Original-From:. I
sketched a recipe here:
https://datatracker.ietf.org/doc/html/draft-vesely-dmarc-mlm-transform
I can imagine the ARC can solve that problem, but as start of this
thread shows, it can be misused too...
To implement ARC you need a global view of all MTAs. Only a few
giants can afford it. Small operators can implement just the sealing
part, if they forward to Microsoft of Google.
Certainly, it's not a solution for mailing lists, unless /all/
subscribers belong to one of those two providers.
Huh, that is not how i understand the ARC, or it is out of my
ARC knowledge. I understand ARC as solution directly for DMARC+ML.
But i do not use ARC yet, except its rspamd's checks, thus i can be
wrong...
Neither I use it. I didn't know rspamd implements ARC. Most of that module's
documentation seems to be about signing, which is not difficult. But there is
a whitelisted_signers_map variable, for verifying. Did you set it?
In order to have ARC working for mailing lists, you need to add the relevant
domain to that map, for every list you subscribe to. At that point, mailing
lists that send personalized messages to each subscriber can ARC-seal the
messages destined to you instead of rewriting From:, if they know that you did
set whitelisted_signers_map appropriately. Hm...
Best
Ale
--
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
