On 2/10/19 3:46 PM, Michael A. Peters via dovecot wrote:
On 2/10/19 3:42 PM, Noel Butler via dovecot wrote:
On 10/02/2019 12:49, Benny Pedersen via dovecot wrote:
fixing mailman will be the fail, solve it by letting opendkim and opendmarc not reject detected maillist will be solution,
A general broad mailing list whitelist will be problematic, do work it needs to look for specific list type hidden headers, spammers and nasties will incorporate those headers into their trash that impersonates mailing lists and voila, they pass.
However the majority of spammers do not spam with a properly configured Reverse DNS - so detect the list header and skip DMARC if list headers are present AND Reverse DNS matched the HELO/EHLO
Also, DMARC isn't really anti-spam technology, it's anti-spoof technology.
Rather than fake mail list headers, spammers will just use domains w/o a DMARC policy. Much easier.