[Mailman-Developers] dkim-signature headers
Joe Peterson
joe at skyrush.com
Fri Feb 2 01:06:24 CET 2007
Yep, for a time I was doing some testing of DKIM on my server (using the
sendmail milter). )I was using sendmail at the time, and I have since
switched to Postfix.) I did stop using DKIM after a while, and one
reason was the mailing list stumbling block.
Since passing messages through Mailman appeared to always render a
signature invalid, it certainly seemed correct to remove the sig from
the header, thus allowing the outgoing MTA the chance to re-sign the
message as the mail list server (not as good as an original sig, but at
least it would pass the DKIM test at the receiving end). I know that
one is supposed to treat an invalid signature the same as no signature,
but knowingly letting email go out (and it is Mailman that is sending
it) with a bad signature certainly felt "irresponsible" and potentially
misleading.
Now, if it is indeed possible to come up with a way to make Mailman
successfully pass the original signature through validly, that would be
a big win - a real challenge I suspect. But I guess the big question
now is what to do in the short term. I'm happy to back out the change,
but perhaps we should let a few others weigh in on this topic first.
-Joe
Mark Sapiro wrote:
> I note that Joe is one of the people who first identified the need to
> remove these headers. Perhaps together, we can find a better way.
More information about the Mailman-Developers
mailing list