One of the subscribers to a list I host (Jack McKinney) has been having
a problem with inbound mail from the list getting rejected by his mail
server. He's tracked it down to a problem with the Sender header field,
which gets re-written by Mailman to the VERP address of the list bounce
processor containing the recipient's address. This triggers a rejection
by libdomainkeys.
RFC 2822 states as follows:
The "Sender:" field specifies the
mailbox of the agent responsible for the actual transmission of the
message. For example, if a secretary were to send a message for
another person, the mailbox of the secretary would appear in the
"Sender:" field and the mailbox of the actual author would appear in
the "From:" field.
So, since Mailman is the "agent responsible for the actual transmission
of the message", re-writing the Sender header doesn't appear to be a
violation of the spec, but there is a problem here. It appears that
Mailman _should_ either offer the option of preserving the original
poster's Sender header, or should nuke the original poster's
DomainKey-Signature: header.
Or does it appear that libdomainkeys is in error here?
Your thoughts, good people?
-------- Forwarded Message --------
From: Jack McKinney <jac...@lorentz.com>
Reply-To: jac...@lorentz.com
To: Lindsay Haisley <fmo...@fmp.com>
Subject: Problem Solved!
Date: Thu, 12 Feb 2009 11:15:01 -0600
Well, problem identified, anyway. This is something that mailman or
courier will have to fix.
Your mailing list is adding a Sender header. However, the Sender
header does not represent the message sender, as it should. It instead
represents the mailing list. Since the DomainKey in the message is for
one domain (d=brockster.us), and the sender is in a different domain
(Sender: linux-bounces+jackmc=lorentz....@ctlug.org), it is an error.
I believe that libdomainkey does this because adding a Sender: header
that is not the _original_ sender is a violation of the RFC (822?).
When anyone posts from a domain that has DomainKeys to one of the
lists, the list adds a conflicting Sender header, causing anyone parsing
messages at the SMTP port using libdomainkeys to reject the message as
forgery.
--
Lindsay Haisley | "Everything works | Accredited
FMP Computer Services | if you let it" | by the
512-259-1190 | (The Roadie) | Austin Better
http://www.fmp.com | | Business Bureau
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9
