Date: Tue, 27 Nov 2018 08:58:56 +0700 From: Victor Sudakov <vas@mpeks.tomsk.su> To: John Levine <johnl@iecc.com> Cc: freebsd-questions@freebsd.org Subject: Re: Invalid DKIM signatures in this list Message-ID: <20181127015856.GA79319@admin.sibptus.ru> In-Reply-To: <20181126172133.CDCDB2008E6098@ary.qy> References: <20181126125259.GB86999@admin.sibptus.ru> <20181126172133.CDCDB2008E6098@ary.qy>
next in thread | previous in thread | raw e-mail | index | archive | help
John Levine wrote: >> >>I have noticed that the Mailman which manages this list keeps the >>sender's "DKIM-Signature:" header intact but modifies the body of the >>message by adding a footer. >> >>This behavior invalidates the sender's digital signature with >>"dkim=fail (body hash mismatch; body probably modified in transit)". > >Quite right. That's how DKIM works. The problem I'm talking about is not in DKIM. DKIM works as expected. The problem is in FreeBSD's mailing list manager which is broken IMHO. > >>Whom do I contact about it? > >Nobody. See RFC 6376, section 6.3. See RFC 6377 "The best general recommendation for dealing with MLMs is that the MLM or an MTA in the MLM's domain apply its own DKIM signature to each message it forwards and that assessors on the receiving end consider the MLM's domain signature in making their assessments. (See Section 5, especially Section 5.2.)" -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20181127015856.GA79319>