On 25 Oct 2011, at 17:13, Stephen J. Turnbull wrote:
Murray S. Kucherawy writes:
What it says is the list should re-sign if it modifies the message (or, in general, re-sign anyway). So append whatever you want, just re-sign the message. Are you insisting that advice is defective?
Defective, maybe not.
But I don't think I would follow it for my own lists. I'd rather remove the signature
I think the advice is to NOT remove the signature. The DKIM spec says that a broken signature is equivalent to the absence of a signature. However, leaving the signature in place can help administrators to diagnose problems with the transmission chain.
and tell people who are using anal-retentive ISPs that refuse to pass unsigned messages to switch, because there are too many people out there who will report you as a spammer rather than unsubscribe. I don't want my signature associated with any such thing.
I've not come across any such ISPs. I suppose they may exist.
In my view, all message senders (including list owners) should publish SPF records and DKIM sign messages. Recipients should be satisfied with either an SPF PASS or a good DKIM sig, to give them a reliable domain name to apply reputation tests to.
Most legitimate messages would be identifiable by one of those mechanisms. MLMs would be OK by virtue of the fact that they use their own sender domains. Traditional forwarders usually would not be breaking DKIM signatures, and would not have to worry about SPF breakage.
-- Ian Eiloart Postmaster, University of Sussex +44 (0) 1273 87-3148