It appears that Michael Thomas via NANOG <[email protected]> said: >There is no requirement that a mailing list honor or even care about >DMARC. That's true of all of this: it's purely informational to the >receiver to use as they will (or not). Expecting mailing lists to do >anything in particular is a mistake. > >> So mailing list software today typically checks the originating domain's >> DMARC configuration. If that has a policy other than "none" (which says >> to deliver email even if it fails both SPF and DKIM), it will send the >> email "From:" the list, and not the originator. The email then nicely >> passes the mailing list's own SPF, of course. Additionally, the mail >> server sending it out from the list software will normally DKIM sign the >> outgoing email, so it ends up properly authenticating as coming from the >> mailing list software. >It would be nice if this were more uniformly true, but alas I don't >think you can really count on it. Even IETF mailing lists don't resign >(somebody has claimed this is a bug, but it's been a bug for a very long >time, from what I can tell).
Really, it was a bug. A bunch of stuff broke when we moved to the new mail server earlier this year, and it's fixed now. (I checked.) The DMARC rewrite stuff that I added broke at the same time, haven't checked whether it's back yet. R's, John _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/HNIOFDZP5UDWGPIC4FAY7VFAX2OQYZTU/
