* Bill Cole:
> Please accept my apology for wasting your time
An apology is not necessary. Checking my own settings every once in a
while is not something I consider a waste, and you nudged me to using
c=relaxed/relaxed.
-Ralph
On 28 Mar 2019, at 13:09, Ralph Seichter wrote:
* Bill Cole:
Most recent bad signature:
Subject: Re: Rspamd as milter and 'discard' action
Date: Thu, 14 Mar 2019 21:08:33 +0100
Message-ID: <87wol1b4n2@ra.horus-it.com>
Weird. I have just verified the raw message, using both
* Bill Cole:
> Most recent bad signature:
>
> Subject: Re: Rspamd as milter and 'discard' action
> Date: Thu, 14 Mar 2019 21:08:33 +0100
> Message-ID: <87wol1b4n2@ra.horus-it.com>
Weird. I have just verified the raw message, using both 'dkimpy' and
http://www.appmaildev.com/en/dkimfile
On 26 Mar 2019, at 20:16, Ralph Seichter wrote:
* Bill Cole:
That's a level which makes me feel pretty sure that something in the
postfix-users pipeline is making an otherwise harmless change to
those
messages.
I have not checked every single message, but I just inspected a few of
my own
On 27 Mar 2019, at 3:51, Matus UHLAR - fantomas wrote:
On 26 Mar 2019, at 14:47, Matus UHLAR - fantomas wrote:
if the mailing list doesn't modify existing headers, DKIM signatures
are
valid but they don't align, so DMARC policy is violated.
On 26.03.19 15:40, Bill Cole wrote:
No: without
Greetings, Matus UHLAR - fantomas!
>>On 26 Mar 2019, at 14:47, Matus UHLAR - fantomas wrote:
>>>if the mailing list doesn't modify existing headers, DKIM signatures
>>>are
>>>valid but they don't align, so DMARC policy is violated.
> On 26.03.19 15:40, Bill Cole wrote:
>>No: without
On 26 Mar 2019, at 14:47, Matus UHLAR - fantomas wrote:
if the mailing list doesn't modify existing headers, DKIM signatures
are
valid but they don't align, so DMARC policy is violated.
On 26.03.19 15:40, Bill Cole wrote:
No: without modification of From, the original DKIM signature does
* Bill Cole:
> That's a level which makes me feel pretty sure that something in the
> postfix-users pipeline is making an otherwise harmless change to those
> messages.
I have not checked every single message, but I just inspected a few of
my own posts to this mailing list, and the signatures
On 26 Mar 2019, at 15:41, Ralph Seichter wrote:
* Bill Cole:
One solution would be to not break DKIM signatures. However, this is
harder than it seems.
Not modifying messages' bodies or any signed headers seems to do the
trick. :-)
Easier said than done, apparently.
About 5% of signed
* Bill Cole:
> One solution would be to not break DKIM signatures. However, this is
> harder than it seems.
Not modifying messages' bodies or any signed headers seems to do the
trick. :-) With that in mind, I have recently filed an issue for Mailman
3, asking for configuration mechanics to
On 26 Mar 2019, at 14:47, Matus UHLAR - fantomas wrote:
On 26.03.19 13:22, Bill Cole wrote:
Which is not a bad thing, in this context.
The problem is that most mailing lists routinely break DKIM signatures
anyway.
usually when they prepend Subject with a text (e.g. list id).
Often they
On 26 Mar 2019, at 13:39, Ralph Seichter wrote:
* Bill Cole:
Hence I wrote "break existing DKIM signatures".
Which is not a bad thing, in this context.
The OP made no mention of implementing DMARC himself, just modifying
headers.
It's not about whether the list operator implements DMARC
* Matus UHLAR:
Modifying the "From" header is pretty much guaranteed to break
existing
DKIM signatures [...]
many mailing lists modify the "From:" header in order to create their
own DKIM signature pass and conform to DMARC.
On 26 Mar 2019, at 13:09, Ralph Seichter wrote:
Hence I wrote
luc...@dds.nl:
Hi List,
I am running a mailing list server using?the ListServ software. List
members can send a message to a list, and the software essentially
forwards the message to the entire list, using the?following headers:
? ? Sender:
? ? From:
I use my own Postfix implementation
luc...@dds.nl:
> Hi List,
>
>
> I am running a mailing list server using?the ListServ software. List
> members can send a message to a list, and the software essentially
> forwards the message to the entire list, using the?following headers:
> ? ? Sender:
> ? ? From:
> I use my own Postfix
* Bill Cole:
> > Hence I wrote "break existing DKIM signatures".
>
> Which is not a bad thing, in this context.
The OP made no mention of implementing DMARC himself, just modifying
headers. In that scenario, I consider breaking existing signatures a bad
thing. I am aware of alignment mechanics,
On 26 Mar 2019, at 13:09, Ralph Seichter wrote:
* Matus UHLAR:
Modifying the "From" header is pretty much guaranteed to break
existing
DKIM signatures [...]
many mailing lists modify the "From:" header in order to create their
own DKIM signature pass and conform to DMARC.
Hence I wrote
* Matus UHLAR:
>>Modifying the "From" header is pretty much guaranteed to break existing
>>DKIM signatures [...]
>
> many mailing lists modify the "From:" header in order to create their
> own DKIM signature pass and conform to DMARC.
Hence I wrote "break existing DKIM signatures".
-Ralph
* lucas2:
Is it possible to configure Postfix to replace the address in the
"From:" header with the value in the "Sender:" header?
On 26.03.19 17:50, Ralph Seichter wrote:
Modifying the "From" header is pretty much guaranteed to break existing
DKIM signatures (I have never seen anybody not
* lucas2:
> Is it possible to configure Postfix to replace the address in the
> "From:" header with the value in the "Sender:" header?
Modifying the "From" header is pretty much guaranteed to break existing
DKIM signatures (I have never seen anybody not sign "From"), so I doubt
that would
Hi List,
I am running a mailing list server using the ListServ software. List
members can send a message to a list, and the software essentially
forwards the message to the entire list, using the following headers:
Sender:
From:
I use my own Postfix implementation as SMTP server to
21 matches
Mail list logo
