I have demime in front of most of my larger lists, and I can tell you from casual peeks at the incoming copy that I keep, there are far too many people who send html email. My lists nuke all the html, so I'd say probably 75% of the incoming messages are modified.
I also would concur that deleting the DKIM sig would be the proper thing to do, as an invalid sig is sure to count towards spamminess. Its a challenge at times to get these emails delivered (I've pretty much given up on AOL, they are in such a mess), so anything like this that will trigger more unsuccessful deliveries is a real problem. Bob ---------- Original Message ----------- From: Mark Sapiro <[EMAIL PROTECTED]> To: Michael Thomas <[EMAIL PROTECTED]> Cc: mailman-developers@python.org Sent: Thu, 1 Feb 2007 15:06:25 -0800 Subject: Re: [Mailman-Developers] dkim-signature headers > Michael Thomas wrote: > > > >Yes, there's no question that mailman as well as lots of other software > >can destroy signatures. In practice as people seem to actually use them, > >it is more theoretical than real. We've been running DKIM signers/verifiers > >for going on a year now and the 99% I quoted is across a 25000 user > >population which probably uses mailing lists far more than most similarly > >sized companies. > > I'm sure your statistics are valid for your environment, but I'm not > sure that they are universally applicable. Consider what I think is a > fairly typical situation exemplified by [EMAIL PROTECTED] I > don't know what fraction of incoming posts to this list are > multipart/alternative with text/plain and text/html alternative > parts, but I see many just from people who Cc: me directly. > > It would be a fairly simple matter to go through the .mbox archive > for any list that has one and count the number of X-Content-Filtered- > By: Mailman/MimeDel and compare that to the number of messages. in > fact, I just did that for a cycling club discussion list I managed, > and just over 20% of the messages had content removed. Since the > most common result of this is to throw away a text/html part and > collapse the message to a single part, I submit that this will break > a significant number of signatures. > > No if the only result of this were that the recipient's MTA/MUAs > considered these messages to be unsigned, that would be OK, but my > understanding is that in some cases at least, these messages are > either discarded or flagged as having invalid signatures. Either of > these alternatives is not good. The former discards wanted messages, > and the latter trains recipients to ignore the fact that signatures > are invalid. > > That said, it would be a simple matter to make the removal of these > signature headers a site option (or even a list option, but I think a > site option is more appropriate). > > It would be better still to be able to make Mailman play better with > DKIM so that we wouldn't have to break or remove signatures. > > I note that Joe is one of the people who first identified the need to > remove these headers. Perhaps together, we can find a better way. > > See > <http://sourceforge.net/tracker/index.php?func=detail&aid=1287546&group_id=103&atid=300103> > for some discussion. > > -- > Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > > _______________________________________________ > Mailman-Developers mailing list > Mailman-Developers@python.org > http://mail.python.org/mailman/listinfo/mailman-developers > Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py > Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ > Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/bob%40nleaudio.com > > Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp ------- End of Original Message ------- _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
