[Mimedefang] Yahoo! DMARC and smfi_chngfrom was Yahoo DMARC
Kevin A. McGrail
KMcGrail at PCCC.com
Tue Apr 15 09:40:29 EDT 2014
On 4/14/2014 10:50 PM, Joseph Brennan wrote:
> DMARC is actually checking the header From, not just the envelope
Thanks. That's what I was overlooking.
> The problem I've got at our gateway is that milter gives us the
> @Recipient as in the RCPT TO, but I need to know what the recipient is
> after aliasing. We can safely accept when the alias routes to one of
> our own mail stores (Exchange, Cyrus, Google Apps), but not when the
> alias routes to our Mailman host or somewhere else on the net.
Agreed. We had to study our aliases and come up with a list but it's
far from full-proof.
> Obviously it would be simpler to refuse mail with header From yahoo,
> or break standard and rewrite all header From yahoo to something else.
> On principle I'd rather do the former than the latter, but that does
> not always meet the needs of the organization.
For triage, we blocked email from yahoo to our mailing list. Today,
I'll be rewriting the from header so it looks like it came from a
do_not_reply email. That will then trigger manual moderation for all
those users but we feel it's the best option along with sending a notice
to senders to switch from Yahoo!
More information about the MIMEDefang