[Mailman-Developers] feature request: one-click setting to preserve DKIM
Monica Chew
mmc at googlers.com
Mon Dec 5 19:58:38 CET 2011
Hi, folks!
I guess this is as good a time as any to introduce myself, since both
Murray's MLM+DKIM RFC and the formation of a new web-ui group are relevant.
For context, I work at Google on Gmail spam, and one of the things we've
been doing as an anti-phishing measure is enforcing that mail from certain
highly-phished domains must be signed with the DKIM key of the purported
sender. We started this several years ago for just ebay and paypal (
http://gmailblog.blogspot.com/2008/07/fighting-phishing-with-ebay-and-paypal.html)
and for the last couple of years have been trying to do it for
google.comand a handful of other domains as well.
A side effect of this has been that mailing-list mailing has been
particularly difficult to classify. We've mostly solved the problem for
groups that we host, but external mailing lists have been a continual
challenge. As a result, many Google employees who want to participate in
standards and open source communities have been unable to (see for example
http://lists.openid.net/pipermail/openid-general/2009-June/018364.html,
where both mail from Google and Facebook employees were not delivered to
openid gmail members) with their standard mailing address. There are many
ways to solve this problem, and I've been tackling two of them: groups that
we host, and migrating corporate mail to use a different domain than
service mail. However, it would be wonderful for MLMs to support list
admins who care about this by having a one-click option to turn off the
settings that break incoming DKIM signatures, namely subject tagging and
unsubscribe footers.
Terri and Florian, is this something that the webui group would be
interested in working on?
Thanks,
Monica
More information about the Mailman-Developers
mailing list