Both sides previous revision
Previous revision
Next revision
|
Previous revision
|
dmarc [2020/12/13 17:28] staff |
dmarc [2023/10/26 20:49] (current) staff |
===== Background ===== | ===== Background ===== |
| |
[[https://dmarc.org/|DMARC]] is a standard used to prevent senders from using a From address without being properly authorized to do so. What this means for mailing list senders like FreeLists is that we can't use your address in the From: header -- this is the default and generally how mailing lists work -- for domains who have a DMARC policy that indicates mail should be rejected if it fails DMARC checks. | [[https://dmarc.org/|DMARC]] is a standard used to prevent senders from using a From address without being properly authorized to do so. What this means for mailing list senders like FreeLists is that we can't use your address in the ''From:'' header -- this is the default and generally how mailing lists work -- for domains who have a DMARC policy that indicates mail should be rejected if it fails DMARC checks. |
| |
DMARC puts FreeLists in a difficult position: We're essentially required to sign/authenticate mail we're sending on your behalf with SPF and DKIM to ensure deliverability, yet for ease of use we want to maintain the original From: header so subscribers know who sent the message. DMARC prevents the combination of these conditions. | DMARC puts FreeLists in a difficult position: We're essentially required to sign/authenticate mail we're sending on your behalf with SPF and DKIM to ensure deliverability, yet for ease of use we want to maintain the original ''From:'' header so subscribers know who sent the message. DMARC prevents the combination of these conditions. |
| |
===== Official Remedies ===== | ===== Official Remedies ===== |
[[https://dmarc.org/wiki/FAQ#senders|I operate a mailing list and I want to interoperate with DMARC, what should I do?]] | [[https://dmarc.org/wiki/FAQ#senders|I operate a mailing list and I want to interoperate with DMARC, what should I do?]] |
| |
Section 3 off their guidance offers the only viable set of options -- we somehow have to replace the From: address with something else -- so that's what we'll discuss next. (Depending on your list's configuration one of "A," "B," or "C" apply.) | Section 3 off their guidance offers the only viable set of options -- we somehow have to replace the ''From:'' address with something else -- so that's what we'll discuss next. (Depending on your list's configuration one of "A," "B," or "C" apply.) |
| |
===== How FreeLists Handles DMARC ===== | ===== How FreeLists Handles DMARC ===== |
First, FreeLists detects domains that publish reject policy DMARC records. If your domain doesn't participate in DMARC or publishes a DMARC policy that isn't junk or reject, we take no action. | First, FreeLists detects domains that publish reject policy DMARC records. If your domain doesn't participate in DMARC or publishes a DMARC policy that isn't junk or reject, we take no action. |
| |
Second, if necessary, FreeLists modifies the From: header of the post to your mailing list. We replace ''user@domain.com'' with ''dmarc-noreply@freelists.org'' and move other bits of the From: header to the comment section (if made available by the sender) to improve usability. | Second, if necessary, FreeLists modifies the ''From:'' header of the post to your mailing list. We replace ''user@domain.com'' with ''dmarc-noreply@freelists.org'' and move other bits of the ''From:'' header to the comment section (if made available by the sender) to improve usability. |
| |
If your subscriber's domain uses DMARC and the From: header was originally: | If your subscriber's domain uses DMARC and the ''From:'' header was originally: |
| |
<code> | <code> |
| |
<code> | <code> |
From: "Jane Doe" <dmarc-noreply@freelists.org> (Redacted sender "jdoe" for DMARC) | From: "Jane Doe" <dmarc-noreply@freelists.org> (Redacted sender "Jane Doe" for DMARC) |
</code> | </code> |
| |
=== Improving usability === | === Improving usability === |
| |
Notice how we form the From: header. To improve usability it's important for your subscribers to put their name (it doesn't have to be their real name!) into the From: header in their email client. | Notice how we form the ''From:'' header. To improve usability it's important for your subscribers to put their name (it doesn't have to be their real name!) into the ''From:'' header in their email client. |
| |
| We do our best to maintain the Reply-to: header. If your list uses the ''reply-to-sender'' setting the original sender should be copied here so replies go back to the expected source. |
| |
| We add a ''X-original-sender:'' header that contains the original sender. While list subscribers can see this if they go looking at a message's full headers this is mostly intended for list admin troubleshooting. |
| |
=== Big domains and DMARC === | === Big domains and DMARC === |