[BlueOnyx:19430] forwarding, dmarc p=reject, aol, yahoo

[Carl Byington]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

BlueOnyx includes a forwarding facility using .forward files in the
user's home directory. Consider the case where the mail is being
forwarded to anyone that implements dmarc policy (gmail, aol, yahoo,
comcast, and others). Suppose the user receives a message from
someone at yahoo.com (or any domain that publishes a dmarc p=reject policy,
such as aol, yahoo, and others).

someone at yahoo.com -> our user -> target at aol.com

The recipient mail server will reject the mail based on the dmarc policy
published by the original sender domain.

To avoid this, we need to take ownership of the mail, and send a *new*
message to the forwarding target. In particular, the From: header needs
to be changed. This can be done by removing the forwarding in the BO
gui, and instead use a .procmailrc file:


FORMAIL=/usr/bin/formail
SOURCE=our-user at our-domain.tld
TARGET=target at forward-domain.tld

:0c
* ! ^X-Loop: $SOURCE
{
    # get reply address
    :0hw
    SENDER=|$FORMAIL -rtzxTo:

    # change header
    :0fhw
    |$FORMAIL -A "X-Loop: $SOURCE" \
              -I "From: resent by $SOURCE <$SOURCE>" \
              -i "Reply-to: $SENDER"

    :0
    ! -f $SOURCE $TARGET
}

# also do normal local delivery
:0
$DEFAULT


This could be added to BO, but preferably as an option, since folks may
already be using custom .procmailrc files that would be overwritten by
BO if the forwarding mechanism were changed.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAlcGjYcACgkQL6j7milTFsHp3ACdHEGLgo467UpqLC7T6+1yWAKM
H0QAmgJU623hJ2uQ8JWxFF+DFxEeij3L
=bwgo
-----END PGP SIGNATURE-----