Subject

I would like some feedback concerning a use case

Description

With switching to debian:12 opendmarc is updated from:

opendmarc: OpenDMARC Filter v1.4.0
	SMFI_VERSION 0x1000001
	libmilter version 1.0.1
	Active code options:
		WITH_SPF
		WITH_SPF2

to

opendmarc: OpenDMARC Filter v1.4.2
	SMFI_VERSION 0x1000001
	libmilter version 1.0.1
	Active code options:
		WITH_SPF
		WITH_SPF2

bringing the following changes:

• 1.4.1: trusteddomainproject/OpenDMARC@376720b
• 1.4.2: trusteddomainproject/OpenDMARC@6925ffe

The following change in opendmarc:

Added config option HoldQuarantinedMessages (default false), which
controls if messages with p=quarantine will be passed on to
the mail stream (if False) or placed in the MTA's "hold"
queue (if True). Issue #105. Patch by Marcos Moraes, on
the OpenDMARC mailing list.

Changes the behaviour how DMS handles such failed messages from putting them in the hold queue to letting them into the INBOX of the user.

The change can be reverted with adding the following to /etc/opendmarc.conf either in user-patches or by building your own image and changing target/opendmarc/opendmarc.conf:

HoldQuarantinedMessages true

Should we add this behaviour change in the changelog or should we restore the old behaviour? (We are monitoring the hold queue for our servers and therefore prefer the hold queue to decide what's to be done with possible malicious mail but i know that those mails are kinda invisible to other people using DMS as their mailserver)