MyfanwyNixon
commented
8 years ago I'm guessing that this is what has caused a problem with message ID 6eb454c333ca36462e7d. The bounceback reads:
SMTP error from remote mail server after end of data: host ASPMX.L.GOOGLE.com [66.102.1.27]: 550-5.7.1 Unauthenticated email from aim.com is not accepted due to domain's 550-5.7.1 DMARC policy. Please contact administrator of aim.com domain if this 550-5.7.1 was a legitimate mail. Please visit 550-5.7.1 https://support.google.com/mail/answer/2451690 to learn about DMARC 550 5.7.1 initiative. v12si21744060wjr.183 - gsmtp
dracos
Currently, on delivery to a rep, we see if the sender is DMARC
p=rejectand if so use VERP for the From, with the sender in Reply-To. This is fine, unless the rep has a bad client and replies to the From, when we then forward that on (verbatim) to the sender.However, if the rep also has strict DMARC, that forwarding may then fail SPF/DMARC. We could change the VERP handler so that the reply-from-rep has its own VERP as with the original message, and then any bad-client reply to that is forwarded back to the rep (ie. full two-way proxying). Have asked @sagepe to investigate whether the system SRS handling could potentially be used here somehow.