[Mailman-Developers] dkim-signature headers
Joe Peterson
joe at skyrush.com
Wed Feb 7 17:49:46 CET 2007
Barry Warsaw wrote:
> What should MM2.1 do now? Here's a proposal for 2.1.10: Add an
> mm_cfg.py variable that controls whether DKIM headers are stripped or
> not. I think Mark suggested that this should be a site-wide
> variable, and I tend to agree. The reasoning being that all the
> outbound Mailman traffic will be ultimately delivered by an MTA under
> the site admin's control. Either they have a milter that refuses to
> resign or they have a working milter. If their milter doesn't
> resign, then less harm is done by stripping the header. If their
> milter does resign, then less harm is done by allowing it to resign,
> even if Mailman has broken the original signature.
Yes! I think this is indeed the right solution. I also tend to agree
with Bob that the default ought to be to strip DKIM headers, as
DKIM-aware admins would know what this variable is about, but admins who
know nothing about DKIM probably will not have re-signing implemented.
-Joe
More information about the Mailman-Developers
mailing list