[ntp:questions] [META] lists.ntp.org borked DMARC settings

Jakob Bohm jb-usenet at wisemo.com.invalid
Tue May 14 01:05:31 UTC 2019


On 10/05/2019 17:37, John Levine wrote:
> In article <rqednY0VTaYHT0nBnZ2dnUU78fPNnZ2d at giganews.com>,
> Jakob Bohm  <jb-usenet at wisemo.com.invalid> wrote:
>> It is (ironically) Mailman mailing lists that required switching from
>> p=none to p=quarantine .  Because otherwise they cause the reporting
>> data to be flooded with alerts from all the mail servers that receive
>> mailman forwarded mails "spoofing" the e-mail domains I manage.
> 
> If you are referring to the aggregate and failure reports that DMARC
> lets you request, that's how they're supposed to work.  Log them and
> move on.  If something is sending you "alarms" when it gets a report
> of a DMARC failure, it's broken.

Yes, I am referring to the DMARC reports and the result of parsing them.
Without p=quarantine, they will contain entries reporting that the
outgoing servers of mailman lists were spoofing the domain and not
getting stopped, making it hard to find any actual attempt to spoof the
domains in the noise.

With p=quarantine, correct mailman configurations will move the posters
e-mail domain out of the DMARC-checked fields, while other forwarding
software will use various other ways to make the transmission pass the
anti-spoof checks listed in the DMARC RFC.

> 
> I send mail to zillions of Mailman lists with p=none and get none of
> these alerts.  Whatever your problem is, p=none isn't it.  I happen to
> have 184,000 DMARC aggregate reports and 77,000 DMARC failure reports
> in the file so I am not unfamiliar with how they work.
> 
> Please leave the list alone.
> 

I would leave the lists alone, if they didn't aggressively reject my use
of the newsgroup due to someone using obsolete settings that were added
as part of a long dead campaign against Yahoo.



Enjoy

Jakob
-- 
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded



More information about the questions mailing list