Opened 2 years ago

Last modified 16 months ago

#92 assigned defect

Girl Scout troops vs MLM problems

Reported by: vesely@… Owned by: todd.herr@…
Priority: minor Milestone: Deliverable #2 (DMARC improvements to better support indirect email flows)
Component: dmarc-bis Version:
Severity: - Keywords: From: rewriting, From: munging
Cc:

Description

Must add a section explaining that From: rewriting is used to circumvent DMARC rejections

A lot of tiny non-profits like Girl Scout troops use email addresses
at webmail providers and send their announcements through ESPs like
Constant Contact and Mailchimp. This is yet another situation where
DMARC can't describe an entirely normal mail setup.

Constant Contact apparently got Yahoo to give them a signing key,
at least temporarily, but that doesn't scale.
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/sELnS16jVGKfhiZ8cLq5aZ0eEEE>

---

To what? The Yahoo address is the only address the scout troop has?

Copy that to Reply-To: and write a mangled From: that looks troopy but passes DMARC. Just like MLMs do.

Lists at MLMs have names that the subscribers will recognize, but the scout troop only has the Yahoo address.

There are certainly kludges that one can apply to circumvent DMARC rejections, but this is a clear failure, an existing legitimate mail use that DMARC breaks.
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/5H0m1f1wi1Io4lT-Wt_B0LJHXAI>

Change History (3)

comment:1 Changed 22 months ago by todd.herr@…

  • Owner set to todd.herr@…
  • Status changed from new to accepted

comment:2 Changed 22 months ago by todd.herr@…

  • Status changed from accepted to assigned

comment:3 Changed 16 months ago by todd.herr@…

  • Milestone changed from Deliverable #3 (changes to DMARC base spec + DMARC Usage Guide to Deliverable #2 (DMARC improvements to better support indirect email flows)
Note: See TracTickets for help on using tickets.