[TUHS] Excessive bouncing ... argh!

Grant Taylor gtaylor at tnetconsulting.net
Sat Sep 23 05:51:43 AEST 2017

On 09/22/2017 05:46 AM, Steffen Nurpmeso wrote:
> The mailman version i use supports REMOVE_DKIM_HEADERS out of the 
> box?  (This is v2.1.24, i hope that and Python2 will be maintained 
> for a while time.)  So i have REMOVE_DKIM_HEADERS=2 which always 
> removes those headers, but more possibilities exist.  There is 
> also special support for DMARC, but i never fiddled with that.

I sent a message to the Mailman users mailing list inquiring.  I believe 
that at least dmarc_moderation_action should be set to munge to best 
deal with DMARC.

I also feel like mailing lists are their own entity, and as such, 
messages should be from them.  Similarly, I think replies should be 
directed back to the list.  I think this is especially true for 
discussion type mailing lists.  Thus, I would be inclined to set 
from_is_list to munge also.

I feel like the best long term solution would be for remove_dkim_headers 
to be set to yes, which will remove the DKIM headers if the from header 
is being munged.

> (I personally use SPF -all and hope for the day DNS via DTLS or
> TLS finally becomes reality.  I never understood DNSSEC as such.)

I've been using DNSSEC for multiple years and have had very few problems 
with it.  Usually it's because I hand edit my zone and bork something.

I also look forward to the encryption ~> privacy that DNS over DTLS will 
provide (as I understand it) but I wonder what additional protection 
DTLS will provide compared to what DNSSEC provides.

Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3717 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://minnie.tuhs.org/pipermail/tuhs/attachments/20170922/bc1938c8/attachment-0001.bin>

More information about the TUHS mailing list