Return-Path: X-Original-To: apmail-spamassassin-users-archive@www.apache.org Delivered-To: apmail-spamassassin-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9CBB310B59 for ; Thu, 12 Feb 2015 20:15:36 +0000 (UTC) Received: (qmail 71344 invoked by uid 500); 12 Feb 2015 20:15:33 -0000 Delivered-To: apmail-spamassassin-users-archive@spamassassin.apache.org Received: (qmail 71312 invoked by uid 500); 12 Feb 2015 20:15:33 -0000 Mailing-List: contact users-help@spamassassin.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@spamassassin.apache.org Received: (qmail 71297 invoked by uid 99); 12 Feb 2015 20:15:32 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Feb 2015 20:15:32 +0000 X-ASF-Spam-Status: No, hits=-5.0 required=10.0 tests=RCVD_IN_DNSWL_HI,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of me@junc.eu designates 80.162.68.54 as permitted sender) Received: from [80.162.68.54] (HELO duggi.junc.org) (80.162.68.54) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Feb 2015 20:15:28 +0000 Received: from localhost.junc.org (localhost.junc.org [127.0.0.1]) by localhost.junc.org (Postfix) with ESMTP id 03DA225C08B; Thu, 12 Feb 2015 21:15:07 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on larry.junc.org X-Spam-Uri-Domains: hireahit.com Received: from [192.168.1.2] (188-176-191-211-dynamic.dk.customer.tdc.net [188.176.191.211]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by duggi.junc.org (Postfix) with ESMTPSA id 7840B25C081; Thu, 12 Feb 2015 21:15:06 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=junc.eu; s=default; t=1423772106; x=1424204106; bh=zzk8BeiN5qs8bqgWkz5m1NzqLnXya+XIXqWB58Nd8sM=; h=From:To:Date:In-Reply-To:References:Subject; b=bEeYH1atfoxvK7S2V620hde6EX5+9HwvmKwd7d4TBDhhvkPT/8ZTA+iYUH9O+C2yU ficDXN5FHJ4kZLublUKrdlBYBOm0nnV/liIEOxMhqw+ogf9vpVRMJUAAr15sWJeLV7 XS6txpzdeM3t1GDcAoBlvOaA3SukUzmEiKJwrO6w= From: Benny Pedersen To: Dave Warren , Date: Thu, 12 Feb 2015 21:15:05 +0100 Message-ID: <14b7f6e3928.28c1.d475fad7b14312f5d8424e35e39f7512@junc.eu> In-Reply-To: <54DCFC16.3010301@hireahit.com> References: <54DCFC16.3010301@hireahit.com> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 AquaMail/1.5.1.13 (build: 21020013) Subject: Re: SPF rules do not look at spoofed From: address MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1"; format=flowed Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked by ClamAV on apache.org On 12. feb. 2015 20.17.44 Dave Warren wrote: > However, using a DMARC "quarantine" or "reject" policy causes breakage > when users attempt to participate in discussion based mailing lists, or > other systems which modify messages (adding subject tags, adding > footers, removing existing signatures), so DMARC quarantine or reject > policies are only really useful for domains which send mail in > predictable and largely automated ways, which are frequently forged, > with live users living at another domain for their own mailboxes. if the maillist preserve dkim signed mails, then dmarc will pass, but yes sadly there is maillists that breaks dkim, this is not a design fault, but only a admin miss understanding that its not maillist server admins faults, but it is spf is transperent to maillist, and since dkim have no ip at all it will be aswell if not breaked mailman have support for take over ownerships of users dkim signed mails, but it will create more problems then it solves, since not many mua clients then know how to reply to maillist or to the origin sender to make a private mail thanks to this maillist here its not a problem here, i get dmarc pass, super note dmarc can break on spf if maillist is not spf protected, but the origin sender was