Can someone flip the option in Mailman for DMARC please, it’s problematic as if one posts and does DMARC and has feedback on, our messages are possibly rejected, and the feedback from a post is quite large.
Not sure who manages it anymore these days.
- Jared
Once upon a time, Jared Mauch <jared@puck.nether.net> said:
Can someone flip the option in Mailman for DMARC please, it’s problematic as if one posts and does DMARC and has feedback on, our messages are possibly rejected, and the feedback from a post is quite large.
The list is doing the DMARC handling (From rewrite) for senders with a
DMARC p=reject.
Once upon a time, Chris Adams <cma@cmadams.net> said:
Once upon a time, Jared Mauch <jared@puck.nether.net> said:
> Can someone flip the option in Mailman for DMARC please, it’s problematic as if one posts and does DMARC and has feedback on, our messages are possibly rejected, and the feedback from a post is quite large.The list is doing the DMARC handling (From rewrite) for senders with a
DMARC p=reject.
Oh, or someone just changed the config per your request. 
I have
p=none but my From got rewritten on this message.
I think it's been doing this for ages. It was the first time I'd seen From rewriting in the wild iirc.
I'm not understanding what problem Jared is talking about.
Mike
It's been doing it for ages for p=reject, but not p=none (the latter
being Jared's situation)
There are toggles in MM2 to do DMARC address rewriting for p=none and
p=quarantine in addition to p=reject.
-Jim P.
I'm sort of surprised that an org would have p=reject when its users use outside mailing lists. Most mailing lists probably don't even have From rewriting or the mailing list operator is clueless about the problem. (think: non-technical mailing lists).
Mike
It appears that Michael Thomas via NANOG <mike@mtcc.com> said:
It's been doing it for ages for p=reject, but not p=none (the latter
being Jared's situation)
I don't understand Jared's concern. His DMARC policy, like mine, is p=none
which tells receivers to do nothing DMARC-y with our messages. I don't get
any sort of blowback from nanog posts that I can recall seeing.
I'm sort of surprised that an org would have p=reject when its users use
outside mailing lists.
Unfortunately, we lost that battle a long time ago. It's "more secure" and
"best practice" so go away.
R's,
John
Much like inline replies v top-posting and etc..
I did manage to get someone to flip the setting so hopefully I’m not getting a lot of bounce back from this e-mail.
Thanks to the kind soul who flipped the setting.
- jared
I did manage to get someone to flip the setting so hopefully I’m not getting a lot of bounce back from this e-mail.
Once again, if you were getting bounces, they had nothing to do with DMARC because you don't publish a DMARC policy.
Regards,
John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly
It appears that Jared Mauch <jared@puck.nether.net> said:
Can someone flip the option in Mailman for DMARC please, it’s problematic as if one posts and does DMARC and has feedback on, our
messages are possibly rejected, and the feedback from a post is quite large.
I checked with Jared and he seems to misunderstand the meaning of the
DMARC failure reports he is getting. (I get them too, lots of them,
and file and ignore them.) They do not indicate any sort of delivery
problem.
Please do *not* change the DMARC settings for p=none since it degrades
the list mail and makes it much harder to tell who is sending each
message and who to reply to.
R's,
John
You can reach the admin at admins@nanog.org. The nanog-owner@nanog.org goes
there too, so there's practically no reason to go on list with such things.
The list is configured to wrap anyone posting from a domain with a with a
DMARC Reject/Quarantine Policy (dmarc_moderation_action). If you don't have
this set on your domain, the list will not wrap your message (which is the
correct behavior as it breaks other things).
Hit up the admin team and we'll look at it.
Once upon a time, Bryan Fields <Bryan@bryanfields.net> said:
The list is configured to wrap anyone posting from a domain with a with a
DMARC Reject/Quarantine Policy (dmarc_moderation_action). If you don't have
this set on your domain, the list will not wrap your message (which is the
correct behavior as it breaks other things).
That is not the case right now; it appears to be modifying ALL senders
since earlier today (about 12:20pm CDT) . Your message has "From: Bryan
Fields via NANOG <nanog@nanog.org>" even though you have no DMARC record
at all.
Yes, I'm trying to get to the bottom of what if anything happened with the
admin team.
This is really broken at this point as munging from breaks DKIM signing if
present in the original email.