[openssl-dev] Mailman version used by OpenSSL is misconfigured and/or broken in relation to DKIM
Quanah Gibson-Mount
quanah at zimbra.com
Mon Aug 17 17:55:53 UTC 2015
--On Wednesday, August 05, 2015 5:54 PM +0200 Kurt Roeckx <kurt at roeckx.be>
wrote:
> On Wed, Aug 05, 2015 at 06:54:33AM -0700, Quanah Gibson-Mount wrote:
>> Yesterday, I was alerted by a member of the list that my emails to
>> openssl-dev are ending up in their SPAM folder. After examining my
>> emails as sent out by OpenSSL's mailman, I saw that it is mucking with
>> the headers, causing DKIM failures. This could be because of one of two
>> reasons:
>> a) The version of mailman used by the OpenSSL project (2.1.18) has a
>> known bug around DKIM that was fixed in 2.1.19
>
> That seems to be about wrapped messages in case of moderation?
Ok, good to know, not applicable here then. ;)
>> b) The mailman configuration is incorrect.
>
> You mean things like:
> - We change the subject to include the list name?
I've fixed our config to no longer sign the subject header.
> - We add a footer about the list?
Yes, this is definitely a problem, since it screws with the body.
Personally, I don't see the point of the openssl-dev footer. If someone's
on the list, I would hope they're smart enough to figure out how to
unsubscribe (although sadly, I see time and again on other lists where
people aren't...).
However, there are two solutions to that allow adding a footer when list
subscribers may have DKIM signed email:
a) As noted in the OpenDKIM README, in the "Mailing Lists" section, if the
list traffic is itself has DKIM signing in place, it will override the DKIM
signing done by the sender. This allows the footer modification to the
message to no longer be an issue.
b) Mailman can be configured to strip DKIM headers entirely from incoming
email. This is generally considered bad practice, but it does allow the
emails to get delivered to all list members w/o issue.
--Quanah
--
Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
More information about the openssl-dev
mailing list