On Sat, Nov 08, 2014 at 05:58:53PM -0800, Keith Keller wrote:
> The fundamental reason is because Mailman is rewriting the headers in an
> incompatible way. It is not his site's usage of DKIM. This is a known
> issue with Mailman. (I used to have a good link explaining the issue,
> but can't find it now; if I find it later I'll post it.)
So we have a 20-year old piece of technology ("mailman") and a modern
proposal ("DKIM")... and somehow it's mailman's fault. Uh huh.
Note; it's not just mailman that has problems, it's _any_ mail forwarder.
Going back 27 years to my first Unix account, I could create a file called
".forward" that would forward my mail to another address. This is BROKEN
by DKIM.
Basically DKIM is incompatible with how internet email works.
But here's the thing... I think DKIM has a potential future; we need to
_change_ how the internet works. So mailman will need to be rewritten;
mail forwarders will need to change. And so on.
I use DKIM on my domain but I specifically set it to "fail safe" (deliver
it anyway) because I _know_ the internet, today, isn't compatible. I get
email reports so I can see if spammers _are_ sending as me.
The problem is with domains like yahoo.com who have a "fail deny"
policy. Any yahoo.com sender gets so much mail rejected that many
mail lists auto-block yahoo senders these days.
The problem, ultimately, is with senders with a "reject" policy published.
DKIM is not compatible with internet email today, and so mail from those
senders _will_ be rejected.
--
rgds
Stephen
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
