DMARC mitigation can be incorrectly (not) applied for a sub-domain.

Bug #1568398 reported by Mark Sapiro
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
GNU Mailman
Low
Mark Sapiro

Bug Description

In determining if dmarc_moderation_action should be applied, if a sub-domain of an 'organizational domain' has no _dmarc policy record and the organizational domain does have a _dmarc record, the policy that should apply to the sub-domain is the organizational domain's sp= policy if any and the p= policy if not.

Through Mailman 2.1.21, only the organizational domain's p= policy is applied even if there is an sp= policy.

Related branches

Mark Sapiro (msapiro)
Changed in mailman:
status: In Progress → Fix Committed
Mark Sapiro (msapiro)
Changed in mailman:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers