Re: BUG #18822: mailing lists reject mails due to DKIM-signature
| От | Bruce Momjian |
|---|---|
| Тема | Re: BUG #18822: mailing lists reject mails due to DKIM-signature |
| Дата | |
| Msg-id | Z7oNu1KTYbb5F8np@momjian.us обсуждение исходный текст |
| Ответ на | Re: BUG #18822: mailing lists reject mails due to DKIM-signature (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: BUG #18822: mailing lists reject mails due to DKIM-signature
|
| Список | pgsql-bugs |
On Sat, Feb 22, 2025 at 12:25:57PM -0500, Tom Lane wrote:
> Stefan Kaltenbrunner <stefan@kaltenbrunner.cc> writes:
> > On 22.02.25 17:56, Matthias Apitz wrote:
> >> Have you read what the RFC 6576 specifies about exactly this case?
>
> > we are a forwarder that (in the case of a List-* header) NEEDS to modify
> > the message so we cannot forward it without breaking.
>
> Yeah. Regardless of what may be written in the RFC, there are only
> these possibilities when the mailing list forwarder receives a
> message like this:
>
> 1. Add the PG list headers, don't touch the DKIM header, forward.
> Most modern recipients will reject the result as spam because it
> fails DKIM checks.
>
> 2. Don't add the PG list headers, don't touch the DKIM header,
> forward. Many list recipients will discard or at least
> misclassify the result for lack of PG list headers.
>
> 3. Add the PG list headers, discard the DKIM header, forward.
> This may well end up marked as spam too, and it's certainly
> not complying with the intent of DKIM.
>
> 4. Reject the message.
>
> To the extent that including List-* in a DKIM signature has any
> real-world use, it is precisely to disavow the message if it's
> forwarded by a mailing list.
>
> The short answer here is that your ISP are fools, or else are
> intentionally preventing their users from participating in
> mailing lists.
I will admit I was shocked to realize I have to modify the default
Debian exim4 DKIM header signing to submit to email lists, and I am
confused why there is a header signing default on Debian that includes
List-* headers.
With the help of Magnus, I was able to use this script:
exim -bP macros | grep '^_DKIM_SIGN_HEADERS=' | sed --regexp-extended 's/:?\<(Resent-|List-)[^:]*//g'
to prevent signing of all Resent and List headers, and use this line in
exim4.conf.localmacros:
DKIM_SIGN_HEADERS=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:In-Reply-To:References
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EDB https://enterprisedb.com
Do not let urgent matters crowd out time for investment in the future.
В списке pgsql-bugs по дате отправления: