Bjoern Franke writes: > Am Sonntag, den 22.06.2014, 13:33 +1000 schrieb Peter Shute: > > Yahoo Groups also add something like this in a footer: > > "Posted by: a real name a-n...@a-domain.co.uk" > > and a series of mailto links below that for replying to the original > > sender or to the group. > > Well, won't this break DKIM?
No. DKIM provides *no* policy, except that verifiers should draw the same conclusions from an invalid signature that they would from the absence of that signature. So this question really means "Will there be a valid DKIM signature?" And the answer is "Yes -- the signature by Yahoo! Groups' own MTA will be valid".[1] Other signatures may be invalid, but according to DKIM they should be ignored. Perhaps you meant "won't this break DMARC?" and again the answer is (perhaps more surprisingly), "no"! The reason is that the mailbox in From: is @yahoo (or @yahoo-groups or something like that), and that MTA will DKIM sign after corrupting From: and adding that footer. This signature will be valid, and the domain in the mailbox in From: and the signing domain will be the same, and thus will accepted by a recipient participating in DMARC. The only problem is that anything Yahoo! Groups can do, the spammers and phishers can do too. (And of course that it violates RFC 5322.) Footnotes: [1] There are caveats to this, of course -- we *are* talking about *Internet mail*, where *anything* can happen and eventually does. ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
