[BBLISA] DMARC issue, Yahoo and beyond

Uri Guttman uri at stemsystems.com
Thu May 15 10:44:24 EDT 2014 

On 05/15/2014 10:21 AM, Brian O'Neill wrote:
> IIRC, the issue is not with the From: and Reply-To: headers, but the
> envelope sender (MAIL FROM in the SMTP chatter).
>
> Some systems, especially mailing lists, when forwarding on behalf of the
> original sender, don't reset the envelope sender to the local domain,
> and use the original sender's email address. You then bump into problems
> if the receiving host is checking SPF and DKIM (DMARC is basically
> both), and the original sender's domain has those set and have strict
> checking.
>
> We ran into this when a person had their email forwarded to a yahoo
> account from an Exchange 2003 server. Exchange 2003 doesn't change the
> envelope sender on forwarding, but I understand that 2007 and later
> change the envelope sender to be the forwarding account.
>
> I haven't looked any deeper yet at my mailman stuff, as fortunately I
> don't have any yahoo recipients or any other domain that is doing DMARC
> yet.

i am om several mailman lists where this problem reared its ugly head a 
few weeks ago. yahoo (and aol later on) users were bouncing emails from 
the lists and vice versa. mailman produced a patch where the reply-to 
header now has the original poster's address and the from has the list 
address. this fixes the bouncing issues but causes another smaller but 
still annoying one. if you get email from yahoo or aol via mailman and 
want to reply to the list, you need to do a reply-all or maybe a 
reply-list (thunderbird has reply-list). plain reply will obey the 
reply-to and send it only to the poster off-list. of course a large 
public list i am on has many yahoo and aol lusers and they will be 
getting too many offlist emails for that reason.

the only real solution is another header which says reply-to-list and 
make that higher priority than reply-to.

one other poor solution was having mailman fix all the from to always be 
from the list but then you never saw the original poster's address. and 
those emails would come through effectivly as anonymous if they didn't 
put their info in the body. of course too many lusers didn't have any 
info in their body so that made for many stilted threads as you couldn't 
tell who said what.

thanx,

uri

-- 
Uri Guttman - The Perl Hunter
The Best Perl Jobs, The Best Perl Hackers
http://PerlHunter.com

More information about the bblisa mailing list