Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 26 Nov 2018 17:10:27 +0100 (CET)
From:      =?ISO-8859-1?Q?Trond_Endrest=F8l?= <>
To:        FreeBSD questions <>
Subject:   Re: Invalid DKIM signatures in this list
Message-ID:  <>
In-Reply-To: <>
References:  <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Mon, 26 Nov 2018 19:52+0700, Victor Sudakov wrote:

> Dear Colleagues,
> I have noticed that the Mailman which manages this list keeps the sender's
> "DKIM-Signature:" header intact but modifies the body of the message by adding
> a footer.

Are you sure?

When I received your message, the hash was made up using Message-ID, 
Subject, To, From, Date, and In-Reply-To. I failed to find the latter 

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;;
 s=20181118; h=Message-ID:Subject:To:From:Date:In-Reply-To;
 bh=lVqWu5A0dAGlwfZYAoaU7QQKfWUKOcE/0wgIPuvq06E=; b=oSl0oX15pzIzynwTUSwgm7sFrQ

> This behavior invalidates the sender's digital signature with
> "dkim=fail (body hash mismatch; body probably modified in transit)". 
> I think, according to the common sense and RFC6377, the Mailman should either
> remove the "DKIM-Signature:" when modifying the body, or refrain from
> modifying the body, or add its own valid "DKIM-Signature:" from scratch. What
> is currently happening does not make sense.
> Whom do I contact about it?
> An example of this behaviour can be seen in the message with Message-Id:
> <> and others.


Want to link to this message? Use this URL: <>