FreeBSD lists and DKIM
John Levine
johnl at iecc.com
Sun Aug 3 20:17:45 UTC 2014
>On 02/08/2014 21:32, Dennis Glatting wrote:
>> Mail coming through the FreeBSD lists often breaks messages signed
>> through DKIM. What is the policy to resolve this issue?
That is not a bug, as has been established in endless discussions at
the IETF and elsewhere. Many people who do not understand DKIM claim
otherwise, but they are wrong. (RFC 6377 is not helpful, since
despite its confusing title, it's purely speculative advice that had
never been implemented at the time it was published.)
>The advice for the MLM to apply its own signature to a message is
>problematic in that it magnifies the cpu load required to process
>messages quite a lot.
Speaking as someone who has run his own list servers for 20 years, I
can promise you that the incremental load to add DKIM signatures when
you're already running a list manager like Mailman or Majordomo or
Sympa is down in the noise.
There is a different problem with a new system called DMARC. Due to a
series of unfortunate actions at AOL and Yahoo, mail from aol.com and
yahoo.com senders sent through lists tends to vanish when received at
large ISPs including Hotmail and Comcast.
More info here: http://jl.ly/Email/aoldmarc.html
Options for working around DMARC damage: http://wiki.asrg.sp.am/wiki/Mitigating_DMARC_damage_to_third_party_mail
R's,
John
PS: It sure would be nice if the FreeBSD lists did what every other
list in the world does, and limit postings to subscribers, rather than
allowing random spam through.
More information about the freebsd-questions
mailing list