Skip to Content.
Sympa Menu

en - Re: [sympa-users] Patch for sympa to avoide Yahoo DMARC issues

Subject: The mailing list for listmasters using Sympa

List archive

Chronological Thread  
  • From: Miles Fidelman <address@concealed>
  • To: Steve Shipway <address@concealed>, "address@concealed" <address@concealed>
  • Subject: Re: [sympa-users] Patch for sympa to avoide Yahoo DMARC issues
  • Date: Sat, 19 Apr 2014 09:02:09 -0400

Just took a look at for Sympa 6.1.20 -- looks like there are some significant differences in header munging from 6.1.19 - might want to be careful.

I think I'll try upgrading to 6.1.19 and apply the patch there.

Miles Fidelman

Steve Shipway wrote:

I attach (yet another) patch for Sympa 6.1.19 for your consideration that addresses the recent Yahoo DMARC issues. This modifies the file to munge the From header in certain circumstances as discussed in this list last week. It should work against most 6.1.x branch versions; I’ve not tried it with 6.2.x.

The patch adds a new configuration option set under the DKIM group, called ‘DMARC Protection’. This has three configurable parameters; a Mode, a Domain regexp; and an email address.

The Protection Mode allows you to select which emails are to be munged. You can select all, none, by domain regexp, and/or ‘auto’. ‘Auto’ is any message with an existing DKIM signature in the header. This allows you to specify that only emails are munged, or these plus any pre-signed message, and so on.

The Domain regexp allows you to match against the email From address.

The New Address allows you to specify the address used for the replacement. This is very much like normal anonymisation and defaults to the list address.

When activated, the code will replace the From header with ‘“original sender (original email)” <new email>’ so that the remote DKIM checks do not fail. It will also strip any DKIM-Signature header (moving it to X-Original-DKIM-Signature), set up a Reply-To header with the original >From address (though this may later be replaced according to your Reply-to list settings), and add an X-Original-From header.

This works independently of any list anonymisation, so you can have both at once (though it would be a bit pointless). I felt it better to separate this into a new stanza so as not to affect any existing anonymisation options. Possibly another option could be added to the same group to give choices on how the new From header phrase is constructed; however I didn’t have time for this.

I have tested this in both domain and auto modes, from local and from and can confirm that it works as expected and allows people to use a list without changing the experience of non-yahoo people (if run in Domain mode against only).

In light of the recent situation, possibly the Sympa team would like to consider adding this functionality to the next release?

All comments and feedback welcome


*Steve Shipway*

University of Auckland

/UNIX Systems Design Team Lead/


+64 (9) 3737 599 ext 86487

In theory, there is no difference between theory and practice.
In practice, there is. .... Yogi Berra

Archive powered by MHonArc 2.6.19+.

Top of Page