if ($Sender =~ /kevin_mcgrail\@yahoo\.com>?$/i and
           ($recip =~ m/\@mailman\./i or

DMARC is actually checking the header From, not just the envelope $Sender, and Yahoo is telling recipient systems to reject if the header From has a yahoo.com address and the message was not sent (directly) by yahoo.com. This breaks mailing lists and user forwarding, and contradicts RFC 5322 and 2822 which say the header From SHOULD show the mailbox of the writer of the message.

It means messages with header From yahoo are poison if your system re-sends them to another system for any reason, if your system conforms to standard by not changing the header From. Re-sending them can lead to blacklisting.

It's not hard to extract the header From address in MIMEDefang.

The problem I've got at our gateway is that milter gives us the @Recipient as in the RCPT TO, but I need to know what the recipient is after aliasing. We can safely accept when the alias routes to one of our own mail stores (Exchange, Cyrus, Google Apps), but not when the alias routes to our Mailman host or somewhere else on the net.

From what I have read, it looks like Sendmail's check_compat ruleset gets the resolved recipient, and I might be able to write a check there comparing sender containing yahoo and recipient not containing our mail stores. An alternative might be to have MIMEDefang read the aliases db when the header From contains yahoo, and do the same test. I find neither option very attractive, but I think I will need to do something very soon. Neither solution generalizes to what to do when some other systems follow Yahoo's lead.

Obviously it would be simpler to refuse mail with header From yahoo, or break standard and rewrite all header From yahoo to something else. On principle I'd rather do the former than the latter, but that does not always meet the needs of the organization.

I'm still weighing my options.

Joseph Brennan
Columbia University I T
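
The alias test described in the message above, sketched as stand-alone Perl (an added example, not code from the post or from MIMEDefang): it takes the header From domain, expands the RCPT TO recipient through an alias table, and refuses only when a yahoo.com From would be relayed somewhere other than a local mail store. The alias table, host names and function names are constructed for illustration; reading the real aliases db and calling this from a filter are left out.

```perl
use strict;
use warnings;

# Constructed sample data; every host name and alias below is hypothetical.
my $GATEWAY      = 'example.edu';
my @STRICT_DMARC = ('yahoo.com');      # header From domains that must not be re-sent
my @LOCAL_STORES = ('exchange.example.edu', 'cyrus.example.edu');
my %ALIASES = (                        # stands in for the parsed aliases db
    'alice'   => ['alice@cyrus.example.edu'],
    'staff'   => ['alice', 'bob@exchange.example.edu'],
    'chess-l' => ['chess-l@mailman.example.edu'],
    'carol'   => ['carol@elsewhere.example.net'],
);

# Domain of the header From address, taken from unfolded header lines.
sub header_from_domain {
    for my $h (@_) {
        next unless $h =~ /^From:\s*(.*)$/i;
        my $v = $1;
        my ($addr) = $v =~ /.*<([^<>\s]+)>/;               # last <addr-spec>
        ($addr) = $v =~ /(\S+\@\S+)/ unless defined $addr; # else a bare address
        return lc $1 if defined $addr && $addr =~ /\@([^\@]+)$/;
        return;                                            # From present but unparsable
    }
    return;
}

# Expand a recipient through the alias table to its final addresses.
# A name seen twice (alias loop) or with no alias is returned unresolved,
# so the caller treats it as "not a local store" and fails closed.
sub resolve {
    my ($rcpt, $seen) = @_;
    $seen ||= {};
    my ($local, $domain) = split /\@/, lc($rcpt), 2;
    return (lc $rcpt) if defined $domain && $domain ne $GATEWAY;
    return (lc $rcpt) if $seen->{$local}++ || !$ALIASES{$local};
    return map { resolve($_, $seen) } @{ $ALIASES{$local} };
}

# True when the message may be accepted for this recipient.
sub safe_to_accept {
    my ($headers, $rcpt) = @_;
    my $dom = header_from_domain(@$headers);
    return 1 unless defined $dom
        && grep { $dom eq $_ || $dom =~ m{\.\Q$_\E\z} } @STRICT_DMARC;
    for my $final (resolve($rcpt)) {
        my ($host) = $final =~ /\@(.+)$/;
        return 0 unless defined $host && grep { $host eq $_ } @LOCAL_STORES;
    }
    return 1;
}

my @hdr = ('From: "Pat" <pat@yahoo.com>', 'Subject: constructed test message');
printf "%-22s %s\n", $_, safe_to_accept(\@hdr, $_) ? 'accept' : 'refuse'
    for qw(staff@example.edu chess-l@example.edu carol@example.edu);
```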



