In article <61B1EDB45FC4FF33154B13B0@PSB> you write: >This may be the best that can be done given the degree to which >DMARC is an attack on the mail system ... Here's two related thoughts. I agree with everything bad you have to say about DMARC but we're stuck with it for the time being. There is s thing called ARC that large providers say they plan to use to re-enable list mail from DMARC'ed addresses. It's pretty far along, Gmail is adding ARC headers and sometimes looking at them, various mail libraries and list software are starting to support them, and sometime in the future we may be able to undo the anti-DMARC kludge. It's a kludges on kludges, but that is the nature of e-mail these days. > alexey%example.com@xxxxxxxxxxxxxx My experience is the same as Henrik's, percents don't work because many mail systems (usually correctly) assume it's a botnet looking for very old misconfigured sendmail open relays. I did the original rewrite hack on which the IETF's is based, but I rewrite the domain, so that address would be rewritten as alexey@xxxxxxxxxxxxxxxxxxxxxx I have a wildcard MX to collect and forward the mail. Works great. Dunno why the current IETF scheme doesn't do that (perhaps postfix doesn't handle wildcarded domains as easily as qmail) but we can keep it in mind, since it doesn't mess with the local part and it should work with EAI the same as ASCII mail. For whoever said it's an open relay, sheesh, we're not totally dim. My scheme remembers what addresses it's rewritten and only forwards for those. Mine also uses really draconian spam filters since in this context it can safely assume that the only messages worth forwarding will be from individuals and anything bulky can be discarded. R's, John
