[Mailman-Developers] dkim-signature headers

Fri Feb 2 02:46:41 CET 2007

I have demime in front of most of my larger lists, and I can tell you from
casual peeks at the incoming copy that I keep, there are far too many people
who send html email.  My lists nuke all the html, so I'd say probably 75% of
the incoming messages are modified.

I also would concur that deleting the DKIM sig would be the proper thing to
do, as an invalid sig is sure to count towards spamminess.  Its a challenge at
times to get these emails delivered (I've pretty much given up on AOL, they
are in such a mess), so anything like this that will trigger more unsuccessful
deliveries is a real problem.

Bob

---------- Original Message -----------
From: Mark Sapiro <msapiro at value.net>
To: Michael Thomas <mat at cisco.com>
Cc: mailman-developers at python.org
Sent: Thu, 1 Feb 2007 15:06:25 -0800
Subject: Re: [Mailman-Developers] dkim-signature headers

> Michael Thomas wrote:
> >
> >Yes, there's no question that mailman as well as lots of other software
> >can destroy signatures. In practice as people seem to actually use them,
> >it is more theoretical than real. We've been running DKIM signers/verifiers
> >for going on a year now and the 99% I quoted is across a 25000 user
> >population which probably uses mailing lists far more than most similarly
> >sized companies.
> 
> I'm sure your statistics are valid for your environment, but I'm not
> sure that they are universally applicable. Consider what I think is a
> fairly typical situation exemplified by mailman-users at python.org. I
> don't know what fraction of incoming posts to this list are
> multipart/alternative with text/plain and text/html alternative 
> parts, but I see many just from people who Cc: me directly.
> 
> It would be a fairly simple matter to go through the .mbox archive 
> for any list that has one and count the number of X-Content-Filtered-
> By: Mailman/MimeDel and compare that to the number of messages. in 
> fact, I just did that for a cycling club discussion list I managed,
>  and just over 20% of the messages had content removed. Since the 
> most common result of this is to throw away a text/html part and 
> collapse the message to a single part, I submit that this will break 
> a significant number of signatures.
> 
> No if the only result of this were that the recipient's MTA/MUAs
> considered these messages to be unsigned, that would be OK, but my
> understanding is that in some cases at least, these messages are
> either discarded or flagged as having invalid signatures. Either of
> these alternatives is not good. The former discards wanted messages,
> and the latter trains recipients to ignore the fact that signatures
> are invalid.
> 
> That said, it would be a simple matter to make the removal of these
> signature headers a site option (or even a list option, but I think a
> site option is more appropriate).
> 
> It would be better still to be able to make Mailman play better with
> DKIM so that we wouldn't have to break or remove signatures.
> 
> I note that Joe is one of the people who first identified the need to
> remove these headers. Perhaps together, we can find a better way.
> 
> See
>
<http://sourceforge.net/tracker/index.php?func=detail&aid=1287546&group_id=103&atid=300103>
> for some discussion.
> 
> -- 
> Mark Sapiro <msapiro at value.net>       The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> 
> _______________________________________________
> Mailman-Developers mailing list
> Mailman-Developers at python.org
> http://mail.python.org/mailman/listinfo/mailman-developers
> Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
> Searchable Archives:
http://www.mail-archive.com/mailman-developers%40python.org/
> Unsubscribe:
http://mail.python.org/mailman/options/mailman-developers/bob%40nleaudio.com
> 
> Security Policy:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
------- End of Original Message -------