[Bug 796602] New: mailman, DKIM-Signature: r=y nd RFC 6651

From: "sysadmin" (GNOME Bugzilla) <bugzilla gnome org>
To: gnome-infrastructure gnome org
Subject: [Bug 796602] New: mailman, DKIM-Signature: r=y nd RFC 6651
Date: Sat, 16 Jun 2018 16:18:52 +0000

Bug ID	796602
Summary	mailman, DKIM-Signature: r=y nd RFC 6651
Classification	Infrastructure
Product	sysadmin
Version	unspecified
OS	All
Status	NEW
Severity	normal
Priority	Normal
Component	Mailman
Assignee	sysadmin-maint@gnome.bugs
Reporter	dilyan.palauzov@aegee.org
QA Contact	sysadmin-maint@gnome.bugs
GNOME version	---

This email https://mail.gnome.org/archives/gtk-list/2018-June/msg00010.html 
contains the header

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096;
        t=1529047876; i=dkim+MSA-tls@aegee.org; r=y;
        bh=LSwu01GbKpQBGU5sZBpHMKytHBsYGlUq2+VKJnnHrSE=;
        h=Subject:From:To:Date;
        b=Z7nXt5dC...

The message was signed before mailman added terminating
_______________________________________________
gtk-list mailing list
gtk-list@gnome.org
https://mail.gnome.org/mailman/listinfo/gtk-list

so the signature is invalid.

Due to RFC6651, r=y in DKIM-Signature, and the value of DNS TXT
_report._domainkey.aegee.org, after sending the email I two reports about
failed DKIM-Signatures were generated.

Please either:
- remove r=y from DKIM-Signature on email arriving mailman/gnome, 
- remove all DKIM-Signatures, if they are going to be invalidated by mailman,
- instruct mailman not to modify the distributed messages (hence remove the
bottom banner), or
- change the domain at From:
  * put @..gnome.org as from, move the original From: as Sender, or
  * put @..gnome.org as from, move the From address in the display-part
  * substitute the sender with some random  address in @...gmail.com , and
ensure that all emails to that address are forwarded to the original sender
(Listserv does so).

There is enough material on the topic about mailing lists, I think there is
even a RFC describing the possible approaches.  The current configuration is
no-go, as it leads to generating false positive feedback-reports.

You are receiving this mail because:

You are watching the QA Contact of the bug.
You are watching the assignee of the bug.

Follow-Ups:
- [Bug 796602] mailman, DKIM-Signature: r=y nd RFC 6651
  - From: sysadmin
- [Bug 796602] mailman, DKIM-Signature: r=y nd RFC 6651
  - From: sysadmin
- [Bug 796602] mailman, DKIM-Signature: r=y nd RFC 6651
  - From: sysadmin

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]