--On Tuesday, August 18, 2015 11:30 AM +0200 Kurt Roeckx <k...@roeckx.be>
wrote:
On Mon, Aug 17, 2015 at 10:55:53AM -0700, Quanah Gibson-Mount wrote:
However, there are two solutions to that allow adding a footer when list
subscribers may have DKIM signed email:
a) As noted in the OpenDKIM README, in the "Mailing Lists" section, if
the list traffic is itself has DKIM signing in place, it will override
the DKIM signing done by the sender. This allows the footer
modification to the message to no longer be an issue.
This fixed the DKIM problem, not the DMARC issue. For DMARC the
signature should come from the same as the From address. Since
SPF is going to fail with your From, the receiver will need to see
DKIM that matches the From. For DMARC either SPF or DKIM should
be valid and match the From field, while for SPF and DKIM itself
the From doesn't matter.
So really the only options for DMARC are:
- Do not touch either the signed headers or body at all, leave From
intact, keep the DKIM signatures. But even then it might break.
- Change the From. You can leave the DKIM signature in tact or
remove it, it doesn't change anything.
I think option #3 here:
<https://dmarc.org/wiki/FAQ#I_operate_a_mailing_list_and_I_want_to_interoperate_with_DMARC.2C_what_should_I_do.3F>
would be the solution?
--Quanah
--
Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
