DMARC/DKIM mitigation on maling lists
Greg Troxel
gdt at lexort.com
Wed Nov 8 04:43:45 PST 2023
This is not really related to dealing with DMARC, but I noticed
something in your message.
Here are the headers in the messaeg, minus a couple added by my system
(spam filtering scores) omitted to reduce noise.
- Your message has a From: of neteler at osgeo.org.
- it was actually sent via google.
* google did not include your client's IP address (that's great)
* google has an X-Google-DKIM-Signature instead of DKIM-Signature
(This is bizarre but not news to me)
* google's faux DKIM header is from 1e100.net
(also odd but not news)
- osgeo.org applied a dkim signature from osgeo.org to the list
message
This last point is normal in many ways; it signs the mail as coming from
osgeo so that people can
welcomelist_from_dkim *@* osgeo.org
to not filter things coming from the list. However, your message did
not actually come from osgeo.org, it seems, and thus really shouldn't
have gotten a fresh DKIM signature.
What you are doing is of course totally normal, but in the world of
DKIM/DMARC (and then ARC) that I think we are heading to, outgoing mail
has to be handled by the outgoing MTA of the domain, and not sent via
some other domain's MTA.
This is particularly an issue for people with secondary email addresses,
like this case.
Return-Path: <SRS0=aK0C=GV=lists.osgeo.org=sac-bounces at osgeo.org>
Received: from lists.osgeo.org (osgeo6.osgeo.osuosl.org [140.211.15.3])
by s1.lexort.com (Postfix) with ESMTP id 3C5AF4106FC
for <gdt at lexort.com>; Wed, 8 Nov 2023 07:12:35 -0500 (EST)
Authentication-Results: s1.lexort.com; dkim=pass (2048-bit key) header.d=osgeo.org header.i=@osgeo.org header.b=UNpkdFdY
Received: from osgeo6.osgeo.osuosl.org (localhost [127.0.0.1]) by lists.osgeo.org (Postfix) with ESMTP id 0B62C613C189; Wed, 8 Nov 2023 04:12:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=osgeo.org; s=mail;
t=1699445555; bh=t9fnzoscK2inK9dMf/tp0yVIc8rjv0kXC2dDl45Vroo=;
h=References:In-Reply-To:From:Date:Subject:To:List-Id:
List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe:
From;
b=UNpkdFdYJ8dzuwk0GFzWV9/pOHlXlGis4n0/DlM4U/D1CWwhHQRJyH/r44VSZiK2P
XRftYOiCqz+wcOv4a30b10R+iPs/yaOl/wJ3o2pZgvZtxdLGYBVSrrh2H9qTyziH7E
oC+V3Svwoz42k9vBJedBtyyiSaIUw0ABmsVf/n7DwovBYLuYFJfBguSWTQfTDpXmIL
paTV8+EtKJmS4VhCbWEoj0zd7jrPKpW4SYdORfZv+5xafBV6VCf1of5qquuUETaQ4n
Ua/DfIIXn0EkhHIqoEpuxI9rRtNKKp/X7pZpJ0BomwmE/DlaT7ow4V5qRdX3Yl1P9x
JUzfaSQR6dsKw==
Received: from mail-ej1-f44.google.com (mail-ej1-f44.google.com
[209.85.218.44])
by lists.osgeo.org (Postfix) with ESMTPS id 16A9661424E2
for <sac at lists.osgeo.org>; Wed, 8 Nov 2023 04:12:34 -0800 (PST)
Received: by mail-ej1-f44.google.com with SMTP id a640c23a62f3a-9be02fcf268so1018084566b.3 for <sac at lists.osgeo.org>; Wed, 08 Nov 2023 04:12:33 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1699445552; x=1700050352;
h=content-transfer-encoding:to:subject:message-id:date:from
:in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=t9fnzoscK2inK9dMf/tp0yVIc8rjv0kXC2dDl45Vroo=;
b=pgVGUXFdAx4A0sEZfZ71kljzEyuYrPKyhvAUpWC3Do6XHrwU2eb/SdnejG68Ru3f0+
ZbxAvbeJMaRsPOQUDOvXyFwb3DrbHaAKBOy1i1jIUAl2EJ4LcLPLG7OIxAWdhq4yfk82
cFBtwitK6fXe+d23LDnv2Cg0HtuiL+R2oW61iKqOoZjTOX1AY4HLcZHQjUyjjgNkFtEI
Ea2G5QzXHu9xliV5mj73CMhcr0mk7V7zvvpLQLI9cD3iGMiObK2MWiBCKgAPTONiJ7bf
lnF94yQNP4YfQ5rXnoHZuTdqbdr20BlGSI115CeIK7i0okOVmcQ/CGDnhxWbFfmLtQ3s
d4FA==
X-Gm-Message-State: AOJu0YwMOweh84+TOLPC9d0OrokjDMT9yM8dulJTKwn2VS0qCpinQRDT 40WoYEKJjHUAlVxuXw3kA69WyBxa1LY7Jm88c+PsH8c5JcSuYhzK
X-Google-Smtp-Source: AGHT+IG4643go/OrYZcNMGW0yDmUgNSBfKL3rKMHfirB+eWjU+sdTKmnKsviiTwccgg0QT7IXoBShIGGkWfX/Bm+EeI=
X-Received: by 2002:a17:907:7ba5:b0:9df:bc8d:fbc8 with SMTP id ne37-20020a1709077ba500b009dfbc8dfbc8mr1472978ejc.37.1699445552259; Wed, 08 Nov 2023 04:12:32 -0800 (PST)
MIME-Version: 1.0
References: <002a01da075d$776917e0$663b47a0$@pcorp.us>
<rmi34xy1y0k.fsf at s1.lexort.com>
<002b01da075f$893ec210$9bbc4630$@pcorp.us> <rmir0lizekw.fsf at s1.lexort.com>
<003401da078b$d7e29410$87a7bc30$@pcorp.us> <ZTpWzZ4Qvri1CFmb at c19>
<ZTty0VH3w3kmuGIT at c19> <rmizfzzinds.fsf at s1.lexort.com>
<8ef85620-59d4-40c8-ac7e-07af8ba3aa09 at betaapp.fastmail.com>
<ZUoZAzLW4b/6w+AI at c19> <ZUtvhmhiRTGb/Bhe at c19>
In-Reply-To: <ZUtvhmhiRTGb/Bhe at c19>
From: Markus Neteler <neteler at osgeo.org>
Date: Wed, 8 Nov 2023 13:12:20 +0100
Message-ID: <CALFmHhsecrhbhECRAj5sDTJtA2o1+dZncxt--SrMbVG8Wq4=_g at mail.gmail.com>
Subject: Re: DMARC/DKIM mitigation on maling lists
To: sac at lists.osgeo.org, jmckenna at gatewaygeomatics.com, howard at hobu.co, lr at pcorp.us
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-BeenThere: sac at lists.osgeo.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: System Administration Committee Discussion/OSGeo <sac.lists.osgeo.org>
List-Unsubscribe: <https://lists.osgeo.org/mailman/options/sac>, <mailto:sac-request at lists.osgeo.org?subject=unsubscribe>
List-Archive: <http://lists.osgeo.org/pipermail/sac/>
List-Post: <mailto:sac at lists.osgeo.org>
List-Help: <mailto:sac-request at lists.osgeo.org?subject=help>
List-Subscribe: <https://lists.osgeo.org/mailman/listinfo/sac>, <mailto:sac-request at lists.osgeo.org?subject=subscribe>
Errors-To: sac-bounces at lists.osgeo.org
X-Greylist: Sender IP whitelisted by DNSRBL, not delayed by milter-greylist-4.6.4 (s1.lexort.com [71.19.148.97]); Wed, 08 Nov 2023 07:12:35 -0500 (EST)
More information about the Sac
mailing list