On Tue, Oct 22, 2024 at 03:13:01AM -0400, Jeffrey Walton wrote: > > It is not valid, and you won't find a RFC authorizing it. And it > breaks SPF and DKIM authentications. It's perfectly valid. This is the DMARC mitigation in mailman3. Before/without: sender -> list -> subscriber If sender has a restrictive policy / authorized senders, when subscriber checks they see email claiming to come from the sender, but really coming from the list server, so they reject it/drop it/mark it as spam. After/with: sender -> list -> list rewrites the email -> subscriber The list accepts the email, rewrites it and signs it with it's own DKIM signature. Now the subscriber sees the mail as coming from the list server and valid. Sadly with google pushing/requiring DKIM, and more providers setting restrictive policies, this mitigation is really needed on lists anymore. ;( kevin
Attachment:
signature.asc
Description: PGP signature
-- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
