[conspire] (forw) Drastic step to deal with DMARC damage (was: What the hey? I am still garrison.hilliard at gmail.com)

[Local mailing list for the CABAL Linux user group.]

Quoting Local mailing list for the CABAL Linux user group. (conspire at linuxmafia.com):

[This is Ivan Sergio Borgonovo.]

> >   That setting is called "anonymous list", for short.
> 
> This is a very bad idea and you can already acknowledge the effects
> and I bet it's not necessary but I understand I've no right to
> assume you've to fix it.

Datum:  linuxmafia.com runs Mailman 2.1.13.  The signature mitigations 
for DMARC were introduced only with late 2.1.x releases.  For
complicated reasons, linuxmafia.com is poorly maintainable at present,
and really needs a from-scratch redesign.

However, with caution and planning, I'm guessing we'll be able to
upgrade Mailman from 2.1.13 to 2.1.30 soon -- and then will have DMARC
mitigation available for application to each hosted list in the admin
WebUI.

Until then, the awful kludge of "anonymous list" is the only way I know
(in 2.1.13) to sidestep the observed DMARC trainwreck from Paul W.
Harrison's postings to the Skeptic list (from provider co.site).  The
awful kludge manages that because it substitutes a wholly new From: 
internal header on all outbound subscriber copies, removing the sender's 
address, hence making DKIM/DMARC alignment failure for the sender's
domain not matter.

Do you have a better idea, given the constraint of Mailman 2.1.13?