On Wed, 9 Apr 2014, Valdis.Kletnieks@vt.edu wrote:
On Wed, 09 Apr 2014 17:15:59 -0400, William Herrin said:
Meh. This just means list software will have to rewrite the From header to "From: John Levine <nanog@nanog.org>" and rely on the Reply-To header for anybody who wants to send a message back to the originator.
Maybe this is a good thing - we can stop getting all the "sorry I'm out of the office" emails when posting to a list.
The sort of programmer that writes out-of-mind software that doesn't employ the long well-known heuristics for detecting mailing lists (starting with checking Return-Path: for "owner-" and similar) will also likely disregard the Reply-To: header. This Is Not A Good Thing.
According to the DMARC FAQ at http://dmarc.org/faq.html Q: I operate a mailing list and I want to interoperate with DMARC, what should I do? DMARC introduces the concept of aligned identifiers. It means the domain in the from header must match the d= in the DKIM signature and the domain in the mail from envelope. 1: operate as a strict forwarder, where the message is not changed and the validity of the DKIM signature is preserved 2: introduce an "Original Authentication Results" header to indicate you have performed the authentication and you are validating it 3: take ownership of the email, by removing the DKIM signature and putting your own as well as changing the from header in the email to contain an email address within your mailing list domain. Option 1 is out of the question. Option 3 is what a lot of people are starting to do. Can anybody tell me what exactly option 2 is. What exactly is an "Original Authentication Results" header? I'm already doing my own research but if someone can give a concise answer as to what it is that would be appreciated. Ted Hatfield