[SAC] [OSGeo] #3011: Write recommendation for mailing list configuration regarding DKIM/DMARC/SPF
OSGeo
trac_osgeo at osgeo.org
Tue Oct 31 05:56:24 PDT 2023
#3011: Write recommendation for mailing list configuration regarding
DKIM/DMARC/SPF
------------------------------+------------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Mailman | Resolution:
Keywords: dkim, spf, dmarc |
------------------------------+------------------------
Comment (by gdt):
It is clear that we can't have a solution that makes everybody happy.
List-Foo headers seem to be pretty clearly a standard, and if someone and
their MUA can't deal with that, I don't think we should make everyone
suffer from forged From: lines because of it.
I don't understand "stripping and resigning is a valid option". That
requires a forged From:.
The Sender: situation is crazy. It is normal for mailinglists to add
Sender:. So I see three options:
- Add Sender:. If a message to the list has DKIM covering Sender: and a
DMARC policy, reject it, because that domain has declared that messages
from its users may not appear on mailing lists.
- With DKIM/Sender and DMARC, skip adding Sender:
- Just don't add Sender either
The first option is righteous but unhelpful. Given the pg experience of
not having problems from not adding sender, I think the third option is
best.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/3011#comment:8>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
More information about the Sac
mailing list