DKIM (was: Google thinks GNHLUG is spam now)

Lloyd Kvam python at venix.com
Wed Jul 29 19:50:14 EDT 2015


On Wed, 2015-07-29 at 14:56 -0400, Joshua Judson Rosen wrote:
> >   Might be we should setup DKIM on the GNHLUG server.  Anyone know
> how
> > to do that, and have the time?  CentOS 5.x, Sendmail, and GNU
> Mailman.
> 
> I could, but I don't think it's actually meaningful to "set up DKIM"
> for a mailing-list: the domain in the "From:" header in the message
> is that one that requests (or doesn't request) DKIM verification
> and specific failure-handling via either ADSP (old) or DMARC (newer);
> the subscribers' original sending servers have already inserted
> their own DKIM signatures for the ultimate receiving servers to check.
> The only reason for the list sever to check the signatures itself
> would be for it to throw mail away instead of relaying it;
> and there's probably not much point in the list adding its own
> signatures.
> 
> Unless you want to emulate what the yahoos at Yahoo! did
> and make the mailing list actually pretend that it's
> actually the original author all of the mail that passes through
> it....
> 
> The (non-yahoo) way you'd make the list comply with senders'
> overzealous signing
> is to just restrict the parts of the message the the list munges--
> e.g.: don't modify the "Subject:" header with the list-name
> (and we're already not-doing that), and don't add the helpful
> footer to the end of the message-body (but continuing to add
> the helpful "List-*:" headers should be fine).

DKIM fouled up a list I manage when the sender was @comcast.com or
@yahoo.com.  mailman broke the signatures and people using comcast and
yahoo could not receive the messages.

My fix in /etc/mailman/mm_cfg.py
#~ DKIM Handling
#~ set up allow author is list
REMOVE_DKIM_HEADERS = 1
ALLOW_FROM_IS_LIST = Yes
DEFAULT_FROM_IS_LIST = 1

Now all the emails are getting delivered.  I do NOT claim this is better
than the earlier advice, merely that this got email flowing again.

-- 
Lloyd Kvam
Venix Corp
DLSLUG/GNHLUG library
http://dlslug.org/library.html
http://www.librarything.com/catalog/dlslug
http://www.librarything.com/catalog/dlslug&sort=stamp
http://www.librarything.com/rss/recent/dlslug




More information about the gnhlug-discuss mailing list