Doug Foster skrev den 2020-07-06 14:48:
I like the idea of making signatures recoverable wherever possible.
For mailing lists, I wonder if this approach is sufficient to solve
the whole problem. If the MLM transformation is for security rather
than informational purposes, I expect that the transformations will
be (even should be) non-reversible.
For some spam filters, it might be important. Lots of spam filters
add DKIM-invalidating content upon entry to the protected domain.
Many of those changes should be reversible. URL rewrite is the most
difficult to reverse using this approach.
However, when the incoming and outgoing email gateways are from the
same vendor, as I suspect is often the case, the reversal should
already be feasible using proprietary methods. Is any known spam
filter vendor doing this type of reversal?
i know mailman can do the right things, ARC sealing, and then nothing
more, then its op to DMARC to test results from ARC, job done
but this does not work if DKIM is breaked before ARC sealing is done,
and DMARC testing is not yet maked into stable releases yet, and in
gentoo none of it exists
i have dropped OpenDKIM, OpenARC, OpenDMARC, and now just live with
fuglu
modification and thereby confirm that the original signature still
verifies against the original content.
in the end it might work better if maillists in generic does not try to
fix anything thay self creates as a problem to solve, dovecot and
postfix maillists is known to not break DKIM, and currrently only
dovecot is doing ARC sealing, not the worst case, but nice to know that
maillist can stop breaking DKIM
hope it will be standard in 2021 finaly
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
