[cp-global] DKIM-failures on this list (cp-global)

yanosz cp-global at yanosz.net
Sun Nov 21 11:43:23 GMT 2021


Hei folks,

looking at my last mail, I noticed a DKIM failure in the SMTP-header[2]. 
This can contribute to false-positiv's in user's spam filters.

Potentially, this is due mailman munging the subject line without 
striping the existing DKIM signature.

IMHO, this is bad practice. One could either maintain the subject line 
as it is (i.e. not add [cp-global]) or configure mailman to strip-of the 
existing signature if munging and re-sign the message using DKIM, again 
(preferred, setting [1]

Greetz, yanosz

[1] Mailman-setting: REMOVE_DKIM_HEADERS
# Some list posts and mail to the -owner address may contain DomainKey or
# DomainKeys Identified Mail (DKIM) signature headers 
<http://www.dkim.org/>.
# Various list transformations to the message such as adding a list 
header or
# footer or scrubbing attachments or even reply-to munging can break these
# signatures.  It is generally felt that these signatures have value, 
even if
# broken and even if the outgoing message is resigned.  However, some sites
# may wish to remove these headers.  Possible values and meanings are:
# No, 0, False -> do not remove headers.
# Yes, 1, True -> remove headers only if we are munging the from header due
#                 to from_is_list or dmarc_moderation_action.
# 2 -> always remove headers.
# 3 -> always remove, rename and preserve original DKIM headers.

[1]: DKIM-fail:
X-Spam-Status: No, score=0.202 tagged_above=-400 required=3.41
	tests=[DKIM_INVALID=0.1, DKIM_SIGNED=0.1,
	HEADER_FROM_DIFFERENT_DOMAINS=1, MAILING_LIST_MULTI=-1,
	SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mx.jluehr.de ([127.0.0.1])
	by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id RgH0lzMq6rJP for <cp-global at yanosz.net>;
	Fri, 19 Nov 2021 10:43:25 +0000 (UTC)
Received: from cryptoparty.is (cryptoparty.is [185.112.146.239])
	by mx.jluehr.de (Postfix) with ESMTPS
	for <cp-global at yanosz.net>; Fri, 19 Nov 2021 10:43:12 +0000 (UTC)
Received: from ice2.cryptoparty.is (localhost [IPv6:::1])
	by cryptoparty.is (Postfix) with ESMTP id D8C454192D;
	Fri, 19 Nov 2021 10:43:10 +0000 (GMT)
X-Original-To: global at cryptoparty.is
Delivered-To: global at cryptoparty.is
X-Greylist: delayed 446 seconds by postgrey-1.36 at ice2;
  Fri, 19 Nov 2021 10:43:09 GMT
Received: from mx.jluehr.de (mx.jluehr.de [176.9.62.119])
  by cryptoparty.is (Postfix) with ESMTPS id B8CC2418E0
  for <global at cryptoparty.is>; Fri, 19 Nov 2021 10:43:09 +0000 (GMT)
Received: from localhost (localhost [127.0.0.1])
  by mx.jluehr.de (Postfix) with ESMTP id A4177A700109
  for <global at cryptoparty.is>; Fri, 19 Nov 2021 10:35:42 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=yanosz.net;
  s=mx_yanosz; t=1637318142;
  bh=I5YgRIFXpUJ1Vmphp2aDU0KE9UKZO1PUlJS1m/Ty3EU=;
  h=Date:To:From:Subject:From;
  b=XgJXfh3cm/qFykm2qw8BNdcfUNjqolZMjH8awwNUhBQQdOqVn3nNkxR1xXR4ee7Re
  XaAMpwYfhReeVuhlMQzxSCb4h170Zb6OH8JCwvcIU86ARWIv19gyzJsdyg7ta7q3bw
  9+t8bS1+tqzgPdofcDOal6kUaBpqKv+HeVFuJw0pcxEZF1WR7UFu4D6vfprfzm7pOc
  9Zs6JxO6YIjp93U1bnBJJqeS1rBL+6hd+Nw/RLBFNkqvp1G94cHYBm1TAY/+Sl0G7H
  EJj6kvi/Y3oBqcejc/ZfbMuMjDg2Ic8OjKcAffcCj9jJqBErPrCY3k/LvNRa+ORSl9
  8H2khCmh8R/Ag==
Received: from mx.jluehr.de ([127.0.0.1])

-- 
There shall, in that time, be rumors of things going astray, erm, and 
there shall be a great confusion as to where things really are, and 
nobody will really know where lieth those little things with the sort of 
raffia work base that has an attachment. At this time, a friend shall 
lose his friend's hammer and the young shall not know where lieth the 
things possessed by their fathers that their fathers put there only just 
the night before, about eight o'clock.
-- Monty Python


More information about the global mailing list