From: Kent <kent@kamar.nz>
To: mlmmj@mlmmj.org
Cc: Christof Thalhofer <chrisml@deganius.de>
Subject: Re: [mlmmj] Mailing Lists and DKIM signing breaking when sender DKIM policy is REJECT
Date: Tue, 9 Apr 2024 10:23:27 +1200 [thread overview]
Message-ID: <7055F300-DB55-48CC-BDFD-A54D456559AA@kamar.nz> (raw)
In-Reply-To: <ab501d33-6446-40dc-bf91-e6d3c3a3b00e@deganius.de>
Hi Christof,
Thanks for the reply - and yes, it's From-munging that I'm wanting to be able to do.
I want to be able to:
1) Insert [ListName] into the start of the subject.
2) Make it so when someone uses 'Reply' (not Reply-All), that their reply comes back to the list by default. This means either the 'From' or 'Reply-To' has to be set to the list address.
However doing either/both these actions is invalidating the original senders dkim and then its delivery is dependant on the dmarc policy of the original user (and anything other than a policy of none means delivery isn't guaranteed).
The guide you referenced highlights the issue.
1) If mlmmj just passes on the message unmodified, then the original senders dkim is checked (and should pass).
2) if mlmmj modifies the subject and/or adds another header (eg Reply-To:) then depending on the original senders dkim criteria (eg. Google includes Reply-To in their dkim signature) will fail in this case. And when it fails, it may send or not depending on their DMARC policy.
This is exactly what was happening in our case.
I note this mailing list:
1) Modifies the 'Subject' by inserting [mlmmj] at the start - this will invalidate the original senders dkim.
2) Sets the 'Sender:' header, however this didn't make any difference when I used 'Reply' It wasn't until I clicked 'Reply All' that the list was added as a recipient (and the Cc recipient) and hence why I was originally setting the 'Reply-To:' header.
What's the process to request a flag to make this option available ?
As much as I avoid Google myself, the enforcing by Google and Yahoo of SPF, DKIM and DMARC means you are needing to do what they do like it or not, and their own mailing lists are From-munging !
Cheers
Kent
> On 8 Apr 2024, at 6:23 PM, Christof Thalhofer <chrisml@deganius.de> wrote:
>
> Am 08.04.24 um 07:32 schrieb Kent:
>
>> The only thing I haven't worked out is how to insert the original
>> senders name into the 'From' so each message at least looks like it
>> came from someone different.
>> Anyone have any ideas on how I can achieve this last bit in the
>> puzzle ?
>
> Mlmmj cannot do From-munging. But if you don't break DKIM-Signatures by altering headers like From, Subject, Body and Reply-To the mails from your mailinglist will be accepted.
>
> https://begriffs.com/posts/2018-09-18-dmarc-mailing-list.html
>
> Alles Gute
>
> Christof Thalhofer
>
> --
> Dies ist keine Signatur
>
>
>
next prev parent reply other threads:[~2024-04-08 22:59 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-08 5:32 [mlmmj] Mailing Lists and DKIM signing breaking when sender DKIM policy is REJECT Kent
2024-04-08 6:23 ` Christof Thalhofer
2024-04-08 22:23 ` Kent [this message]
2024-04-09 7:40 ` Christof Thalhofer
2024-04-09 8:46 ` Baptiste Daroussin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7055F300-DB55-48CC-BDFD-A54D456559AA@kamar.nz \
--to=kent@kamar.nz \
--cc=chrisml@deganius.de \
--cc=mlmmj@mlmmj.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).