I'm tempted to say: if the mailing list is going to do *anything* to the message other than act as a simple reflector, it *must* strip out any existing dkim signature. What it does after that is up to the mailing list.
Tony Hansen [EMAIL PROTECTED] John Levine wrote: >> So I'm asking for a pointer to the "how mailing lists break >> signatures" report, if it exists so I can learn a bit more. > > This was argued at some length about a year ago, but I can't > dig up offhand exactly where. Here's some of the more popular > mutations: > > - Add fixed list name tag and varying message serial number to Subject: > > - Add, delete, or replace Reply-To: header > > - Reformat From: line into a standard form, e.g., <[EMAIL PROTECTED]> foo > -> [EMAIL PROTECTED] (foo) > > - Add a bunch of extra headers like List-ID: and Precedence: > (shouldn't affect signature unless one replaces an existing header) > > - Add a footer to the end of the body > > - Add a "fronter" to the beginning of the body > > - Add, delete, or reorder MIME parts > > - Unpack and re-pack MIME parts with different delimiters > > - Add a footer to one or more MIME parts > > - Edit a footer into an HTML part (Yahoo groups does this) > > - Convert HTML to text or vice versa > > - Recode between 7bit and 8bit, or quoted printable to/from base64 > > I quickly came to the conclusion that other than the shrinking > minority of lists that do nothing at all to headers or body, it's > completely hopeless to try to make a signature that will survive list > processing. > > And I still have a lot of trouble thinking of plausible scenarios > where mail from a domain with SSP restrictions would legitimately be > sent through a list. _______________________________________________ ietf-dkim mailing list http://dkim.org