The point of DKIM (and moreso DMARC) is to prevent spoofing in the
absence of functioning PGP and S/MIME infrastructure. It is not as
strong as end to end encryption, but benefits from being zero effort
for most of the users protected, as it is handled almost entirely by
mail system administrators.
Unfortunately, the rushed implementation of the SPF+DKIM+DMARC
combination meant that handling of mailing lists wasn't properly
integrated in the specifications. Which in turn resulted in some
pretty horrible implementation ideas by both the DMARC group (having
each mail list server set up complex e-mail aliases for each
participant) and MailMan (suggesting that mailing lists kick out any
participants on a DMARC-compatible mail server).
On 24/09/2019 16:06, Narcis Garcia wrote:
Is far better mail servers use SPF and not DKIM.
DKIM is a signature between servers, but valid author's signatures are
far better done with PGP by author itself because is made by author and
verified by reader.
DKIM doesn't protect mail content autenticity at all, beginning with the
content sent from MUA to MTA.
PGP signatures are compatible with mailing lists footers and prefixes.
DKIM has only sense to mail servers control mail contents, and being
from same mail servers that contents can be hacked.
El 10/9/19 a les 10:38, Peter Maydell ha escrit:
Hi; this is an announcement to let you know that in future
emails to all QEMU project mailing lists (including this one)
will no longer have the [qemu-*] tag in their Subject line.
We need to make this config change because having the mailing
list server edit subject lines like this conflicts with the
increasingly common DKIM/DMARC anti-email-forgery system. We
used to work around this by having the list server rewrite
email From addresses instead, but this has proven to have
bad consequences (notably that patches applied from emails
to QEMU can end up with incorrect authorship by accident).
If you were using the Subject line tag to filter QEMU emails,
you'll need to change your mail client's config to instead
look at the "List-Id:" message header to identify list traffic
(you can do this now without waiting for us to change the
list config to drop the subject tags).
Apologies for any inconvenience that this upcoming config
change might cause you.
thanks
-- PMM
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded