Hi Warren,

If you set dmarc_moderation_action to "Munge from", the list will detect
when someone posts from a domain that publishes a request for strict
signature checking for all mails originating from it (in DNS) and rewrite
the envelope-from to the list's address.  Reply-to will be added and set to
the original sender.

I think that this is probably a better way to workaround the issue (rather
than playing with getting the list to not break the signature) until these
things mature further.



On Fri, Jun 19, 2015 at 6:38 AM, Warren Togami Jr. <wtog...@gmail.com>

> On Fri, Jun 19, 2015 at 12:24 AM, Mike Hearn <m...@plan99.net> wrote:
>> The new list currently has footers removed during testing.  I am not
>>> pleased with the need to remove the subject tag and footer to be more
>>> compatible with DKIM users.
>> Lists can do what are effectively MITM attacks on people's messages in
>> any way they like, if they resign for the messages themselves. That seems
>> fair to me!  :)
> Mailman isn't resigning it.  Should it be?  Does other mailing list
> software?
>>>  I'm guessing DKIM enforcement is not very common because of issues like
>>> this?
>> DKIM is used by most mail on the internet. DMARC rules that publish in
>> DNS statements like "All mail from bitpay.com is signed correctly so
>> trash any that isn't" are used on some of the worlds most heavily phished
>> domains like google.com, PayPal, eBay, and indeed BitPay.
>> These rules are understood and enforced by all major webmail providers
>> including Gmail. It's actually only rusty geek infrastructure that has
>> problems with this, I've never heard of DKIM/DMARC users having issues
>> outside of dealing with mailman. The vast majority of email users who never
>> post to technical mailing lists benefit from it significantly.
>> Really everyone should use them. Adding cryptographic integrity to email
>> is hardly a crazy idea :)
> I understand the reason to protect the "heavily phished" domains.  I heard
> that LKML does not modify the subject or add a footer, perhaps because it
> would make it incompatible with DKIM of the several big corporate domains
> who participate.
> I suppose it is somewhat acceptable for us to remove subject tags and
> footers if we have no choice...
> Warren
> ------------------------------------------------------------------------------
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Bitcoin-development mailing list

Reply via email to