Redmine generates notification emails that fail DMARC and will therefore often be rejected or quarantined
I am one of the email administrators for my employer, Quantopian Inc. In particular, I am one of the people responsible for ensuring that all the emails sent from our domain are compliant with DMARC so they won't be quarantined or rejected.
I recently filed an issue about Ruby at https://bugs.ruby-lang.org/. Immediately after doing so, I received several DMARC failure reports resulting from the notifications about my new issue that were emailed out. This is because Redmine put "From: email@example.com" in the header of the notification emails.
That's really not OK in the age of DMARC. That's going to cause notification emails to be quarantined (i.e., put in the user's spam folder) or rejected, whenever the issue author's email domain has as quarantine or reject email policy and the notification recipient's mail server enforces DMARC.
Most of the big email providers nowadays publish and enforce DMARC policies.
#1 Updated by Jonathan Kamens 7 months ago
I don't know whether this is because the notifications I got DMARC failure reports about earlier were for a different kind of notification, or because the problem here isn't Redmine but rather something specific to bugs.ruby-lang.org, or maybe because bugs.ruby-lang.org is running an older version of Redmine and this issue is already fixed in the current version?
In short, maybe this is something I need to take up with the ruby-lang.org folks?
Can you shed any light? Thanks.
Jonathan Kamens wrote:
I guess that means that whatever the problem is, I need to take it up with the folks who maintain bugs.ruby-lang.org?
I think so. They run the customized Redmine. The following line seems to set the author's e-mail address to the From field.
def issue_add_with_ruby_lang_mailing_list_customization(*args) m = issue_add_without_ruby_lang_mailing_list_customization(*args) m.header[:from] = args.author.mail # args == issue m end