I'm not sure what is the issue here? Mailing lists break DKIM by design. We could go to the old style of mailing lists, which did not break DKIM, but did not have, for instance, these nice footers to tell people how to unsubscribe...
For the deployment of DNSSEC this is the wrong list, and let's face it, DNSSEC has a difficult time to be adopted because: https://ianix.com/pub/dnssec-outages.html On Tue, Oct 4, 2016 at 7:50 AM, Benny Pedersen via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > Authentication-Results: linode.junc.eu; dmarc=pass header.from=dmarc.org > Authentication-Results: linode.junc.eu; > dkim=pass (1024-bit key; unprotected) header.d=dmarc.org > header.i=@dmarc.org header.b=g7uNA2zS; > dkim=fail reason="signature verification failed" (1024-bit key; > secure) header.d=junc.eu header.i=@junc.eu header.b=rpMrxjyH; > dkim-atps=neutral > > thanks all, is dmarc really so hard to not break ? > > when will dmarc.org have dnssec ? > > wake up admins > > would it be possible to skip last signer if multisigned ?, in the long > term i would not accept such mails anymore, and i am also unimpressed of > that dmarc can pass with no dnssec, badly designed > > or is it possibel to blacklist signer in dkim/dmarc ? > _______________________________________________ > dmarc-discuss mailing list > dmarc-discuss@dmarc.org > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well > terms (http://www.dmarc.org/note_well.html) >
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)