[ARIN-consult] Community Consultation on DMARC for ARIN Mailing Lists
Jimmy Hess
mysidia at gmail.com
Tue Aug 29 19:28:18 EDT 2017
On Tue, Aug 22, 2017 at 1:35 PM, William Herrin <bill at herrin.us> wrote:
> On Tue, Aug 22, 2017 at 9:56 AM, ARIN <info at arin.net> wrote:
>>
>> 1. Should ARIN implement DMARC for ARIN mailing lists?
I would say Yes... my feeling is that Arin MUST start doing something to
fully adhere to sender domain DMARC policies in supporting posting from
users who join the mailing list when their sender domain has a DMARC
p=reject strict policy with SPF and DKIM signing alignment
(A current industry best practice, which mail implementors are using on
many domains, including Yahoo.com)...
On the contrary the current state is _broken_, for example if a user
posting to an ARIN mailing list has a @yahoo.com address, An example of
a domain currently publishing a DMARC policy with a required
DKIM or SPF match when the RFC5322.From From: header
OR the RFC5321.MailFrom (SMTP envelope) contains a @yahoo.com address.
_dmarc.yahoo.com descriptive text "v=DMARC1\; p=reject\; pct=100\;
rua=mailto:dmarc_y_rua at yahoo.com\;"
yahoo.com descriptive text "v=spf1 redirect=_spf.mail.yahoo.com"
_spf.mail.yahoo.com descriptive text "v=spf1 ptr:yahoo.com ptr:yahoo.net ?all"
_domainkey.yahoo.com descriptive text "t=y\; o=~\;
n=http://antispam.yahoo.com/domainkeys"
> Is this going to blow up my email forwarding out to gmail that has worked
> for the last decade? If so, I vote NO.
The current state, I believe: is "Already blown up", for mailing
list posters on domains that have implemented the DKIM signing and
DMARC standards.
>
> Regards,
> Bill Herrin
---
-JH
More information about the ARIN-consult
mailing list