I'm not 100% sure what you mean, but let me give it a best effort.

On Sat, 2020-07-25 at 11:00 +0200, Peter J. Philipp wrote:
> Hi,
> This is sorta a feature request.  A lot of people use dmarc to check for
> incoming mails.  Is there a way to turn off dmarc checking in the smtpd?
> This would be valuable for trusted sources such as mailing lists.

This reads as if you want to disable checking on the receiving end,
which is smtpd. This is not needed since smtpd has no support for
DMARC, SPF, or DKIM verification at this moment.
> Let me give you an example.  I mail 1000 bytes to openbsd-misc and there is
> thousands of recipients on that mailing list.  When their software delivers
> to these thousands I get a DNS request (I'm predicting 40 bytes in the 
> question,
> and no less than 40 bytes in the answer * thousands) that's already a minimum
> of 80K bytes DNS traffic generated by a 1K byte mail.

If you're worried about those numbers I would stop hosting DNS yourself
and just put it at a company who can handle it.
> It would be cool if OpenBSD could set a "X-DMARC-VERIFIED" header or something
> and based on a policy on every smtpd that receives this no dmarc dns request
> is caused.  This would make me very happy.

I'm not aware of this mail header, nor is google. Also this would make
your mail susceptible for a man in the middle to disabling DMARC.

But if you want this header you should be able to do this quite easily
with a custom filter. The documentation is not installed by default, but
a draft is available in the smtpd soures: smtpd-filters.7.
> Is this all technically possible?
> Best Regards,
> -peter

  • dmarc Peter J. Philipp
    • Re: dmarc Martijn van Duren

Reply via email to