On 09/20/2016 11:47 AM, Stephen J. Turnbull wrote: > This almost certainly has nothing to do with Mailman, if I'm reading > the spamassassin reports correctly. It says that the DKIM signature > validated on the way out of Mailman, which means that the From that > you all received is the From that Trent sent.
I agree with the conclusion, but DKIM doesn't prove it. There are two DKIN signatures in the headers and they were both added by the Mailman server. The first > Sep 20 09:18:02 zeta opendkim[3099]: 36FFF20158EC6: DKIM-Signature field added (s=szeta, d=mydomain.com) added to the inbound message before MailScanner and delivery via "autoresponder service". This one validated > Sep 20 09:18:04 zeta MailScanner[20657]: Message 36FFF20158EC6.A07F8 from 111.111.111.111 (tr...@mydomain.com) to mydomain.com is not spam, SpamAssassin (not cached, score=-6.095, required 4, autolearn=not spam, ALL_TRUSTED -1.00, BAYES_00 -1.90, DKIM_SIGNED 0.10, DKIM_VALID -0.10, DKIM_VALID_AU -0.10, HTML_MESSAGE 0.00, RP_MATCHES_RCVD -3.10) but it was added after the message was received. The second > Sep 20 09:18:11 zeta opendkim[3099]: E3B7120158EC5: DKIM-Signature field added (s=szeta, d=mydomain.com) was added after Mailman but before MailScanner on the outbound message and it also validated > Sep 20 09:18:18 zeta MailScanner[22098]: Message E3B7120158EC5.ABE01 from ::1 (sjv-geosupport-boun...@mydomain.com) to mydomain.com is not spam, SpamAssassin (not cached, score=-6.095, required 4, ALL_TRUSTED -1.00, BAYES_00 -1.90, DKIM_SIGNED 0.10, DKIM_VALID -0.10, DKIM_VALID_AU -0.10, HTML_MESSAGE 0.00, RP_MATCHES_RCVD -3.10) But both these signatures were validated almost immediately after they were locally added, so they really say nothing about the headers in the message as originally sent. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org