[conspire] (forw) Re: [golugtech] DMARC mitigation, ezmlm, and golugtech at lists.troubleshooters.com

Rick Moen rick at linuxmafia.com
Sun Sep 25 06:56:28 PDT 2022


----- Forwarded message from Steve Litt <slitt at troubleshooters.com> -----

Date: Sun, 25 Sep 2022 05:28:58 -0400
From: Steve Litt <slitt at troubleshooters.com>
To: golugtech at lists.troubleshooters.com
Subject: Re: [golugtech] DMARC mitigation, ezmlm, and golugtech at lists.troubleshooters.com

On Sun, 2022-09-25 at 02:14 -0700, Rick Moen wrote:

> It is claimed that ezmlm-idx provides a mitigation for the problem.
> I repeat, here and now, my suggestion that you should look into that.

It looks like my Web host, Futurequest, is using ezmlm-idx and has been
for over a decade:
https://www.futurequest.net/forums/showthread.php?t=24961 . Apparently
ezmlm-idx was written by Bruce Guenter, who is employed at Futurequest.
So the remaining questions are:

1) Am I actually using ezmlm-idx

2) Does ezmlm-idx protect against the stuff you talked about

So perhaps everything's already good. Or not. I'll try to figure it out later.

SteveT


---------------------------------------------------------------------
To unsubscribe, e-mail: golugtech-unsubscribe at lists.troubleshooters.com
For additional commands, e-mail: golugtech-help at lists.troubleshooters.com


----- End forwarded message -----
----- Forwarded message from Rick Moen <rick at linuxmafia.com> -----

Date: Sun, 25 Sep 2022 06:38:31 -0700
From: Rick Moen <rick at linuxmafia.com>
To: golugtech at lists.troubleshooters.com
Subject: Re: [golugtech] DMARC mitigation, ezmlm, and
	golugtech at lists.troubleshooters.com
Organization: If you lived here, you'd be $HOME already.

Quoting Steve Litt (slitt at troubleshooters.com):

> So the remaining questions are:
> 
> 1) Am I actually using ezmlm-idx
> 
> 2) Does ezmlm-idx protect against the stuff you talked about

You're a troubleshooter, Steve.  What you need is a test case.

Let's imagine that you have a user on your mailing list using a domain 
with a strongly asserted DMARC policy, say, Steve Litt <slitt at yahoo.com>.
How do we know that yahoo.com has such a policy?  We look directly at
the DMARC record in yahoo.com's DNS, and verify that it declares p=reject or
p=quarantine as the requested policy for receiving MTAs to apply.

:r! dig -t txt _dmarc.yahoo.com. +short
"v=DMARC1\; p=reject\; pct=100\; rua=mailto:d at rua.agari.com\; ruf=mailto:d at ruf.agari.com\;"

Overly aggressive DMARC policy in a sending user's domain's DNS, check.

Now, you need a receiving mailing list member who's at a domain that
_enforces_ other domains' DMARC policies.  GMail will do nicely, so, 
say, Steve Litt <stevelitt at gmail.com> , as the test receiver.

So, now you have Steve Litt <slitt at yahoo.com> post to the mailing list.
It hits the MLM, and gets registered in the MLM's cumulative traffic
archive (if any).  And now, you can check with relevant subscribers such
as Steve Litt <stevelitt at gmail.com>, to see whether their receiving MTAs
rejected the mailing list copy's remailing to them of Steve Litt
<slitt at yahoo.com>'s post.

_If_ the MLM's DMARC mitigation is enabled and is the same as Mailman's,
then, upon transit through the MLM to subscribers (and to the archive if
any), the original

  From: Steve Litt <slitt at yahoo.com>

would get munged by the MLM to

  From Steve Litt via <golugtech at lists.troubleshooters.com>

and would have appended this new header:

  Reply-To: Steve Litt <slitt at yahoo.com>

That is the (altered) form of Steve Litt <slitt at yahoo.com>'s posting
that would be received by all subscribers including Steve Litt
<stevelitt at gmail.com> -- if the same DMARC mitigation as Mailman's 
is applied.

Hope that helps.


---------------------------------------------------------------------
To unsubscribe, e-mail: golugtech-unsubscribe at lists.troubleshooters.com
For additional commands, e-mail: golugtech-help at lists.troubleshooters.com


----- End forwarded message -----
_______________________________________________
luv-main mailing list -- luv-main at luv.asn.au
To unsubscribe send an email to luv-main-leave at luv.asn.au

----- End forwarded message -----



More information about the conspire mailing list