From mboxrd@z Thu Jan 1 00:00:00 1970 From: George Dunlap Subject: Re: lists.xen.org Mailman configuration and DKIM Date: Fri, 3 Aug 2012 17:24:23 +0100 Message-ID: <501BFB37.4010307@eu.citrix.com> References: <20120802211157.GG8228@US-SEA-R8XVZTX> <20507.58318.416753.917851@mariner.uk.xensource.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; Format="flowed" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <20507.58318.416753.917851@mariner.uk.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Ian Jackson Cc: Lars Kurth , Matt Wilson , "xen-devel@lists.xen.org" List-Id: xen-devel@lists.xenproject.org On 03/08/12 15:44, Ian Jackson wrote: > Matt Wilson writes ("[Xen-devel] lists.xen.org Mailman configuration and DKIM"): >> Several folks have let me know that my messages sent via lists.xen.org >> are marked as spam / spoofed, especially when using Gmail to receive >> Xen mail. I believe this is because outbound Amazon email contains a >> DKIM signature. When Mailman modifies my message and re-sends it, the >> DKIM signature is invalidated [1]. >> >> To work around this, Mailman 2.1.10 and later contain a configuration >> variable called "REMOVE_DKIM_HEADERS" [2]. Perhaps if this were turned >> on we'd work around the problem. > ... >> [1] http://wiki.list.org/display/DEV/DKIM >> [2] https://bugs.launchpad.net/mailman/+bug/557493 > Having checked RFC4871 I think it is clear that according to the > standards > - Mailman SHOULD NOT [1] strip DKIM-Signature > - No-one should treat a message with an invalid DKIM signature > differently from a message with no DKIM signature at all [2] It's actually pretty likely that gmail would also reject the mail if it had no DKIM signature, isn't it? In which case stripping the signature wouldn't really help. -George