Yep, for a time I was doing some testing of DKIM on my server (using the
sendmail milter). )I was using sendmail at the time, and I have since
switched to Postfix.) I did stop using DKIM after a while, and one
reason was the mailing list stumbling block.
Since passing messages through Mailman appeared to always render a
signature invalid, it certainly seemed correct to remove the sig from
the header, thus allowing the outgoing MTA the chance to re-sign the
message as the mail list server (not as good as an original sig, but at
least it would pass the DKIM test at the receiving end). I know that
one is supposed to treat an invalid signature the same as no signature,
but knowingly letting email go out (and it is Mailman that is sending
it) with a bad signature certainly felt "irresponsible" and potentially
misleading.
Now, if it is indeed possible to come up with a way to make Mailman
successfully pass the original signature through validly, that would be
a big win - a real challenge I suspect. But I guess the big question
now is what to do in the short term. I'm happy to back out the change,
but perhaps we should let a few others weigh in on this topic first.
-Joe
Mark Sapiro wrote:
> I note that Joe is one of the people who first identified the need to
> remove these headers. Perhaps together, we can find a better way.
_______________________________________________
Mailman-Developers mailing list
Mailman-Developers@python.org
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives:
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
Security Policy:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
