On 12/8/20 3:43 PM, Per Jessen wrote:
Peter Simons wrote:
AFAICT, mailman offers only two (marginally useful) options, per list - replace from with list address or wrap message in an outer message. Neither is of much use to us, we don't want the From: address to change.
you realize, though, that it's impossible to keep "From:" as-is if you want to deliver postings reliably to all recipients?
Well, for at least the last four years, it has not caused us any problems. (i.e. I haven't seen any tickets nor have I heard anyone complain).
That's not a real argument because MTA admins just began to implement SPF/DKIM/DMARC during the last two years.
If you keep the original "From:", then those the postings will potentially fail the SPF check. I have that exact problem with my private domain cryp.to. I cannot post as simons@cryp.to to mailing lists that don't re-write "From:" because sites like gmail.com will reject those messages. When I found out about that, I could not believe that they would check the SPF records against the "From:" header found in the message payload, but, well, they do.
That is certainly non-standard. It should really only be checked on the envelope address.
This ship has sailed with the continously growing adoption of DMARC. Like it or not you have to use munge_from.
Besides, if we were to fiddle with the From: header, the DKIM validation would likely fail.
That's why you also strip old DKIM headers and let your MTA re-sign the new message.
Anyway, isn't this all a bit off topic here on this list?
I agree. Move that to heroes list? Ciao, Michael.