On Sat, May 21, 2016 at 1:39 PM, Jim Popovitch <jim...@gmail.com> wrote:
> > Some explanation for my deep curiosity.... Mailman (which I hack on > here and there) and other MLMs had problems in the past because > Mailman modifies the body and appends a footer (as seen on this list). > So the advice, years ago, was to strip any incoming DKIM sig, than add > a new DKIM sig from the MLM host before reflecting the msg. There should have been no need to remove pre-existing DKIM sigs (as long as receivers did the right thing and treated broken signatures as if they hadn't been there at all). > What I would like to do is find a way to keep > incoming sigs, keep the mailing list footer, add the MLM's DKIM sig, > and have all sigs validate. That won't happen unless you have the private keys of the initial senders in order to regenerate the signature; however, I think that much of what you want to accomplish is handled by the new ARC draft which is currently being considered for adoption into the IETF DMARC WG for further development. You can see some information about ARC at arc-spec.org or in the two drafts related to ARC (I recommend starting with the usage draft), join the ARC-specific arc-discuss mailing list, or weigh in on the DMARC WG. --Kurt Andersen
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
