DMARC And Mailman

From Harmony Lists KB

Revision as of 19:36, 11 June 2022 by Brianemwd (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

In earlier days of the Internet and email (when social media didn't yet exist and Google was an upstart search engine), mailing lists would preserve the email address of the original message sender in the From: header and use the Reply-To: header to ensure responses would come back to the list server. However, as years went by and spam became an ever increasing threat to the value of email as a communications medium new methods were devised to help identify and block messages with forged sender addresses.

The combination of SPF and DMARC lets domain owners tell receiving mail servers what systems are authorized senders for their domains and what to do with unauthorized messages. This is accomplished by looking at the domain in the message's From: header and the IP address of the sending mail server and comparing it to DNS records published by that domain.

This presents a unique problem for mailing list servers. The traditional behavior of preserving the From: address in messages sent by the list server guarantees that DMARC will report a failure, which leads to delivery problems - messages will likely either bounce or be filtered into the spam folder. To prevent this conflict with DMARC, mailing list servers can and should be set to rewrite the From: address to be from the mailing list address.

On Harmony mailing list servers, list administrators find this setting under "Settings" and "DMARC Mitigations". "DMARC Mitigation Action" should be set to "Replace From: with list address", and the box for "DMARC Mitigate unconditionally" should be checked. (See the screenshot below)