DMARC mitigation can be incorrectly (not) applied for a sub-domain.

Bug #1568398 reported by Mark Sapiro
This bug affects 1 person
Affects Status Importance Assigned to Milestone
GNU Mailman
Fix Released
Mark Sapiro

Bug Description

In determining if dmarc_moderation_action should be applied, if a sub-domain of an 'organizational domain' has no _dmarc policy record and the organizational domain does have a _dmarc record, the policy that should apply to the sub-domain is the organizational domain's sp= policy if any and the p= policy if not.

Through Mailman 2.1.21, only the organizational domain's p= policy is applied even if there is an sp= policy.

Related branches

Mark Sapiro (msapiro)
Changed in mailman:
status: In Progress → Fix Committed
Mark Sapiro (msapiro)
Changed in mailman:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.