From owner-freebsd-questions@freebsd.org Tue Nov 27 02:25:17 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4B10911535DA for ; Tue, 27 Nov 2018 02:25:17 +0000 (UTC) (envelope-from johnl@iecc.com) Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gal.iecc.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A872D7B3E3 for ; Tue, 27 Nov 2018 02:25:16 +0000 (UTC) (envelope-from johnl@iecc.com) Received: (qmail 56167 invoked from network); 27 Nov 2018 02:25:15 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=db65.5bfcab0b.k1811; bh=TUBChZ+yg13W3FntdaAmbjleSwq1v1aVgT8UT2wFyzw=; b=ejWjw9mCLQ2Bt/NnflWkOeGlV5OCXeXW3oluJmOslAz3fORAmJBDJHTg+DwLxoQ2d5RxTHPn7vIGdecqAhZmfaasvo1VohRgNIm6ABQPXu607uRqx5ETHVOtD/fuxfg3WzYDI+fW6b3rA92R/MSPi5x20Is7Qg9FKrzOAM6vueKAaHhb50uAvJ6pJ7zRsHgHdUps320DlUWK2pemOHqlJdtkRaprd0Y98nsl3KyrILXMgon5tsJjCgfxEUvkFa3i Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2/X.509/AEAD) via TCP6; 27 Nov 2018 02:25:15 -0000 Date: 26 Nov 2018 21:25:14 -0500 Message-ID: From: "John R. Levine" To: "Victor Sudakov" Cc: freebsd-questions@freebsd.org Subject: Re: Invalid DKIM signatures in this list In-Reply-To: <20181127015856.GA79319@admin.sibptus.ru> References: <20181126125259.GB86999@admin.sibptus.ru> <20181126172133.CDCDB2008E6098@ary.qy> <20181127015856.GA79319@admin.sibptus.ru> User-Agent: Alpine 2.21 (OSX 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset=US-ASCII X-Rspamd-Queue-Id: A872D7B3E3 X-Spamd-Result: default: False [-5.60 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[iecc.com]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2001:470:1f07:1126::/64]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: mx.iecc.com]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[iecc.com,none]; DKIM_TRACE(0.00)[iecc.com:+]; NEURAL_HAM_SHORT(-0.97)[-0.974,0]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(-1.61)[ipnet: 2001:470::/32(-4.50), asn: 6939(-3.48), country: US(-0.09)]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US]; RCVD_TLS_ALL(0.00)[] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Nov 2018 02:25:17 -0000 On Tue, 27 Nov 2018, Victor Sudakov wrote: > The problem is in FreeBSD's mailing list manager which is broken IMHO. If you are saying that it's broken because it's not deleting old DKIM signtures, I'm sorry, but you're simply mistaken. I helped write the DKIM specs so I'm not guessing here. > See RFC 6377 > > "The best general recommendation for dealing with MLMs is that the MLM > or an MTA in the MLM's domain apply its own DKIM signature to each > message it forwards and that assessors on the receiving end consider > the MLM's domain signature in making their assessments. (See > Section 5, especially Section 5.2.)" I helped write that RFC. It was and is just guessing. While it would be a good idea for the lists to add their own signature, they're not broken if they don't. And that says nothing about deleting old signatures. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly