[BALUG-Admin] DMARC mitigation: already enabled (good!)
Rick Moen
rick@linuxmafia.com
Mon Jul 25 23:22:59 UTC 2022
Upthread, I urged upgrading GNU Mailman so we got the ability to do a
tailored DMARC mitigation aimed at just the asshat sending domains with
p=reject or p=quarantine "strong" DMARC policies. It was late, I was
tired, and I just assumed our version of Mailman (2.1.29) is too old for
that feature, because there have a number of 2.1.x bugfix versions since
then.
Well...
https://lists.balug.org/cgi-bin/mailman/admin/balug-announce/privacy/sender
includes the desired
Action to take when anyone posts to the list from a domain with a
DMARC Reject/Quarantine Policy.
...setting, and the desired option "Munge From" is already selected.
Accompanying item
Shall the above dmarc_moderation_action apply to messages From:
domains with DMARC p=quarantine as well as p=reject
...is likewise present and set to "yes" as desired.
I have verified this is true of the other three balug-* lists, too.
So, DMARC damage _is_ being handled as well as MLM software can.
It still might be a good idea to look into what later packaged 2.1.x
are available and feasible for this Debian release. I haven't checked
the changelog, but worry that we're missing security bugfixes.
More information about the BALUG-Admin
mailing list