[adding balug-admin:]
Quoting Glen Martin (glen@glen-martin.com):
Yeah, much agree on your points under "2.".
Apologies for the rantiness portions. I do try to have substantive technical content as well.
huh. I'll have to review the configs, I can't remember this option to conditionally munge. I did it quite a while ago, so may be my memory at fault.
It's definitely there. Help text for that specificMailman WebUI item (Privacy Options, Sender filters, dmarc_moderation_action) says:
dmarc_moderation_action (privacy): Action to take when anyone posts to the list from a domain with a DMARC Reject/Quarantine Policy.
o Munge From -- applies the 'from_is_list Munge From' [link] transformation to these messages. o Wrap Message -- applies the 'from_is_list Wrap Message' transformation [link] to these messages. o Reject -- this automatically rejects the message by sending a bounce notice to the post's author. The text of the bounce notice can be configured by you. o Discard -- this simply discards the message, with no notice sent to the post's author.
This setting takes precedence over the 'from_is_list' [link] setting if the message is From: an affected domain and the setting is other than Accept.
Following the first link ('from_is_list Munge From') shows this help text:
from_is_list (general): Replace the From: header address with the list's posting address to mitigate issues stemming from the original From: domain's DMARC or similar policies.
Several protocols now in wide use attempt to ensure that use of the domain in the author's address (ie, in the From: header field) is authorized by that domain. These protocols may be incompatible with common list features such as footers, causing participating email services to bounce list traffic merely because of the address in the From: field. This has resulted in members being unsubscribed despite being perfectly able to receive mail.
The following actions are applied to all list messages when selected here. To apply these actions only to messages where the domain in the From: header is determined to use such a protocol, see the dmarc_moderation_action [link] settings under Privacy options... -> Sender filters.
Settings:
o No Do nothing special. This is appropriate for anonymous lists. It is appropriate for dedicated announcement lists, unless the From: address of authorized posters might be in a domain with a DMARC or similar policy. It is also appropriate if you choose to use dmarc_moderation_action other than Accept for this list.
o Munge From This action replaces the poster's address in the From: header with the list's posting address and adds the poster's address to the addresses in the original Reply-To: header.
o Wrap Message Just wrap the message in an outer message with the From: header containing the list's posting address and with the original From: address added to the addresses in the original Reply-To: header and with Content-Type: message/rfc822. This is effectively a one message MIME format digest.
The transformations for anonymous_list are applied before any of these actions. It is not useful to apply actions other than No to an anonymous list, and if you do so, the result may be surprising.
The Reply-To: header munging actions below interact with these actions as follows:
first_strip_reply_to = Yes will remove all the incoming Reply-To: addresses but will still add the poster's address to Reply-To: for all three settings of reply_goes_to_list which respectively will result in just the poster's address, the poster's address and the list posting address or the poster's address and the explicit reply_to_address in the outgoing Reply-To: header. If first_strip_reply_to = No the poster's address in the original From: header, if not already included in the Reply-To:, will be added to any existing Reply-To: address(es).
These actions, whether selected here or via dmarc_moderation_action [link] do not apply to messages in digests or archives or sent to usenet via the Mail<->News gateways.
If dmarc_moderation_action [link] applies to this message with an action other than Accept, that action rather than this is applied