[Bug 796602] New: mailman, DKIM-Signature: r=y nd RFC 6651

Bug ID 796602
Summary mailman, DKIM-Signature: r=y nd RFC 6651
Classification Infrastructure
Product sysadmin
Version unspecified
OS All
Status NEW
Severity normal
Priority Normal
Component Mailman
Assignee sysadmin-maint@gnome.bugs
Reporter dilyan.palauzov@aegee.org
QA Contact sysadmin-maint@gnome.bugs
GNOME version ---

This email https://mail.gnome.org/archives/gtk-list/2018-June/msg00010.html 
contains the header

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096;
        t=1529047876; i=dkim+MSA-tls@aegee.org; r=y;

The message was signed before mailman added terminating
gtk-list mailing list

so the signature is invalid.

Due to RFC6651, r=y in DKIM-Signature, and the value of DNS TXT
_report._domainkey.aegee.org, after sending the email I two reports about
failed DKIM-Signatures were generated.

Please either:
- remove r=y from DKIM-Signature on email arriving mailman/gnome, 
- remove all DKIM-Signatures, if they are going to be invalidated by mailman,
- instruct mailman not to modify the distributed messages (hence remove the
bottom banner), or
- change the domain at From:
  * put @..gnome.org as from, move the original From: as Sender, or
  * put @..gnome.org as from, move the From address in the display-part
  * substitute the sender with some random  address in @...gmail.com , and
ensure that all emails to that address are forwarded to the original sender
(Listserv does so).

There is enough material on the topic about mailing lists, I think there is
even a RFC describing the possible approaches.  The current configuration is
no-go, as it leads to generating false positive feedback-reports.

You are receiving this mail because:

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]