On Tue, Jun 4, 2019 at 8:46 PM James Cook <jc...@cs.berkeley.edu> wrote:
> On Wed, 15 May 2019 at 20:22, ais...@alumni.bham.ac.uk > <ais...@alumni.bham.ac.uk> wrote: > > Translated to English, this states that the email should not be > > considered valid if the Subject fail was modified in transit. Of > > course, the Subject of the email actually was modified (by the list > > software, inserting the BAK:), so the message fails to verify. The > > cryptography behind DKIM can't detect that a message is "almost right", > > it's just a simple pass/fail (in particular, the recipients can't > > distinguish an entirely forged email from an email that's correct apart > > from the subject line). > > I think I've seen some mailing lists rewrite every message as being > "from" some email address under the list's control, which I'm guessing > would fix the DMARC issue. Are there significant disadvantages to > that? I guess it makes it tricky to figure out how to reply in > private; is there some way to work around that via a reply-to address > that wouldn't also make it tricky to reply to the list? Sure, it would fix the DMARC issue, but it would also make it very hard to tell at a glance who sent which message. Modern mailers have a lot of features for that, but they’re all based around the from line. -Aris > >
