On Sun, Feb 15, 2026 at 09:52:32AM +0800, Kevin J. McCarthy wrote: > On Sat, Feb 14, 2026 at 11:55:07AM +0000, Crystal Kolipe via Mutt-dev wrote: > >On Sat, Feb 14, 2026 at 11:35:03AM +0800, Kevin J. McCarthy wrote: > >>Now that we're back to applying patches from the mailing list, I have a > >>question about technique. > >> > >>The Mutt mailing lists have "dmarc_moderation_action" set to "Munge From", > >>which means when a sender's domain has a DMARC Reject/Quarantine Policy set, > >>the mailing list rewrites the From address. > >> > >>Without this, a fair number of receivers bounce the message, which ends up > >>unsubscribing them eventually. > > > >If the senders are including valid DKIM headers, and the MX of the > >subscribers > >is capable of verifying them, then the messages should pass DMARC Reject. > > It's been a while. At the time, it may have been that the return-path > header or another such header that is modified by Mailman, was signed by > various senders' DKIM. I didn't realize the problem until I got a very > large number of admin bounce emails and mass unsubscribes started happening. > > However, it looks like at some point subsequent to that, OSUOSL added > filters: > > DMARC-Filter: OpenDMARC Filter v1.4.2 smtp4.osuosl.org 62BE640969 > DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 62BE640969 > > Perhaps the problem is no longer present. > > I will try turning off of the munging for the mutt-dev mailing list right > after I send this, and let's see what happens. Crystal and Alex, if things > go silent after this email, please let me know and I'll try something else.
Just a heads up - the domain that I'm sending from intentionally only signs with ed25519 signatures, (does not dual-sign with RSA). As a result, MXes that are not compliant with RFC 8463, (where ed25519 verification is a MUST), will choke. Feel free to continue re-writing my From: if that matters.
