[Mailman-Users] DMARC and Reply-To lines with from_is_list munging.

[Mark Sapiro]

On 05/09/2014 07:27 PM, Richard Damon wrote:

> But the wrapped message could pass the DMARC DKIM signature check, if it
> will exactly matchs the message that came from Yahoo/AOL. (which the
> phish won't). This says that the List Headers, modified subject, list
> headers and footers should be added to the wrapping message, not the
> wrapped message, which also says that the MUA shouldn't throw this away,
> but combine these with the original message (but in a way that makes it
> clear which is which).


Just for the record, this is how the Wrap Message action is implemented
in Mailman. I.e. all the stuff Richard mentions is done to the outer
message, not to the message/rfc822 part that is the original message.
The one exception that will break DKIM is content filtering which by
necessity is applied to the original message before it's wrapped. This
is a big one, because I suspect almost all messages from Yahoo users are
multipart/alternative to begin with (and has anyone else noticed what a
horrible job Yahoo does in making the text/plain alternative, but I
digress ...), and many lists collapse alternatives so the DKIM sig will
be broken.

That notwithstanding, as Stephen and others have mentioned, the MUAs to
deal with this are not here and are unlikely to be here anytime soon.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan