offtopic: rant about thoughtless enabling DMARC checks [was: Re: Bounces?]

Michael A. Peters mpeters at
Sat Feb 9 21:23:25 EET 2019

On 2/9/19 11:13 AM, Michael A. Peters via dovecot wrote:
> On 2/9/19 10:48 AM, Juri Haberland via dovecot wrote:
> Honestly I was sort of tempted to try and create my own DMARC validator 
> (I was thinking one daemon that does both DKIM and DMARC - for postfix, 
> Exim has DKIM native but I only use Exim for submission) that tried to 
> sniff Mailman and not enforce it but it looks like it would be very time 
> consuming.

What I wanted to do, was sniff mailman in headers and if it was sent by 
mail, reject if reverse DNS didn't match HELO/EHLO and white list from 
OpenDMARC enforcement if it did. That would prevent most spoofed that 
tried to look like Mailman since spoofed mail rarely has reverseDNS 
properly set up but Mailman admins tend to.

More information about the dovecot mailing list