On 2011-04-15 at 14:38 +0200, Luca Bertoncello wrote: > Now, as I know, DKIM (and DomainKey before) should solve the problem of a > forward, which can fail with SPF. > Could someone say me, why I get these errors?
Mailing-lists tend to edit Subject: lines (see "[exim]" above) and add footers: > -- > ## List details at http://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ Thus DKIM messages which are modified no longer have valid signatures. This is an accurate state of affairs (what you received has been tampered with, and the crypto caught that) but not helpful for ultimate receivers. Ideally, the mailing-list manager's local MTA will verify DKIM and the MLM will strip the inbound DKIM (or rename them to X-Old-*) and then sign the messages so that they're verified as coming from the list. If you run a mailing-list but don't control the host, then turning off those modifications for your list may help. (We should look closely at this for lists like, uhm, "[email protected]") -Phil -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
