>> I've found that the best place to do anti-DMARC stuff is in a shim >> between the list package and the sendmail program, since it can do >> whatever you want to the message and it still works when you upgrade >> the list software. > >Do you recommend this on the inbound or outbound side? That is: before >the MTA hands off to the MLM, or after the MLM hands off to the MTA? The latter, after the MLM has made whatever changes it's going to make so the shim can put on a shiny new valid DKIM signature with the list's domain, and in the near future can add the appropriate ARC glop. R's, JOhn