Arnt Gulbrandsen <[email protected]> writes: > Looks perfect.
Thanks for fixing it! > I've heard that DKIM is incompatible with mailing lists. The reality > may be that DKIM is incompatible with some mailing lists, namely those > that add an additional footer, mangle the subject or remove To/From/Cc > fields. Let's call it an accidental feature ;) DMARC relies on SPF and DKIM, and requires one of them to verify correctly in order for the message to pass DMARC. When a message is passed through a mailing list remailer, or even just forwarded by a '.forward' file entry or something, SPF is no longer in alignment, so DKIM has to pass for the message to be accepted as being "from" whoever sent it. As you say, mailing lists have a tendency to mess things up for DKIM. This is why e.g. 'mailman' has a setting where it checks the DMARC policy of the sender, and if that's set to anything stricter than 'none', the mail is instead sent by the mailing list "from" the list, but with the sender's name (often like "John Doe via aox-users"), and with a 'Reply-To' that points to the sender's actual email address. Works fine, and is no hassle at all. I use Gnus as my MUA, and what mailman does makes the reply and followup functions there behave exactly the way they do with an unmodified message, like the one I'm doing a followup on right now. Still, the purist in me prefers something that works the way you've now set this list up, where DKIM passes through unharmed - and if someone sets up their DKIM signing to include oversigning on list headers, well, then that's really an active statement from them that they do not want email from their domain to be passed through mailing lists, isn't it? -tih -- The creation of the state of Israel was a regrettable mistake. It is time to undo this mistake, and finally re-establish a free Palestine.
