Alessandro Vesely via mailop skrev den 2023-02-20 08:47:
The point of ARC is to report authentication results. A post having only spf=pass becomes unauthenticated after the first hop.
inccorect, nexthop can use spf aswell, or not
Right. Ditto for DMARC rejects/ quarantine, which I don't think many ML receivers honor.
DMARC is greedy, if DKIM is breaked, to avoid DKIM problems if needed to post to ml could be to configure dkim to be in test mode, ensureing mails are not rejected based just on dkim fails, mailman can do this policy to not accept non testing mode in dkim, its design fails that dkim should be used as a reject factor :(
back to DMARC, it should imho use ARC results to know if original sender did have dkim pass and spf pass, and make results based on it, then its no matter if mailman breaks dkim or not, since it would not matter for dmarc testing downstream, we can all raise the flag when developpers of mailman know this :=)
i use dmarc policy none to protect maillist receivers to not reject maillists senders, more or less this is what bad software try to solve, hmmp
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
