From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 7AD293858D39; Thu, 5 Jan 2023 22:05:45 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 7AD293858D39 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1672956345; bh=FAOGoj0mY5hSdU2kfYZXv+Y7JztcPDfBpCBjr/ac+Q4=; h=From:To:Subject:Date:In-Reply-To:References:From; b=xHw9CtoBXPLZC5Hq6VC2uU2MwUISzFQNMXuOBec4NJn3ZexCqL/6TQNS0lc6zEfRH 6c6l4QneXwTKkSw+6smyqLcmYOuK0TdpYGP+G77mwNvgwwS8dTa3rQ+FHoKwaVo1Q3 O0/gwBLezSv5k6bXQPuFm/GMOmgjMtzcaF9qc5eA= From: "mark at klomp dot org" To: overseers@sourceware.org Subject: =?UTF-8?B?W0J1ZyBJbmZyYXN0cnVjdHVyZS8yOTcxM10gUGxlYXNlIG1ha2Ug?= =?UTF-8?B?bGliYy1hbHBoYSBtYWlsaW5nIGxpc3QgY29tcGF0aWJsZSB3aXRoIOKAnGdp?= =?UTF-8?B?dCBhbeKAnQ==?= Date: Thu, 05 Jan 2023 22:05:43 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: sourceware X-Bugzilla-Component: Infrastructure X-Bugzilla-Version: unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: mark at klomp dot org X-Bugzilla-Status: WAITING X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: overseers at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 List-Id: https://sourceware.org/bugzilla/show_bug.cgi?id=3D29713 --- Comment #37 from Mark Wielaard --- (In reply to Florian Weimer from comment #36) > Asserting the non-existence of these headers is what breaks DKIM signatur= es > with mailing lists. I reported this upstream-upstream here: >=20 > Signed header defaults break mailing lists > Thanks. There is also a Exim and Debian bug for this: https://bugs.exim.org/show_bug.cgi?id=3D2394 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D939808 It looks like a workaround is to not rely on the default exim setting of the dkim sign headers, but explicitly set it to: DKIM_SIGN_HEADERS =3D From:From:=3DSender:Reply-To:Subject:Subject:Date:To:Cc:Message-ID:In-Reply= -To:References:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-= ID:Content-Description:=3DResent-Date:=3DResent-From:=3DResent-Sender:=3DRe= sent-To:=3DResent-Cc:=3DResent-Message-ID:=3DList-Id:=3DList-Help:=3DList-U= nsubscribe:=3DList-Subscribe:=3DList-Post:=3DList-Owner:=3DList-Archive" > If Exim (or pdkim really) are unwilling to fix this, Mailman (or something > in front of Mailman) needs to be taught to strip such anti-mailing-list D= KIM > signatures. The problem with getting this fixed seems to be that some people are convin= ced dmarc and dkim will just break mailinglists always, so they don't see a poi= nt in fixing the defaults. Stripping can only be done if the dmarc policy for the domain doesn't requi= re DKIM signatures, otherwise we will either have to bounce them before they r= each the list or do From munging anyway (as suggested in comment #6). --=20 You are receiving this mail because: You are the assignee for the bug.=