![](https://secure.gravatar.com/avatar/85a99b25cf78c0293215f307acd00fb9.jpg?s=120&d=mm&r=g)
Stephen,
Thanks for your reply. I am replying directly to your email as I didn't see your reply in the threads of my original post.
My guess is that you are not getting complaints because it is just recently that the big name email servers (gmail, yahoo, icloud, microsoft) have just recently started enforcing the DKIM standard and what makes it worse is that they all seem to be taking different approaches to that enforcement. Could also be that most of the mailman users are using mailman 3.xx - but unfortunately CPANEL does not support that version - they recently let me know that they are going to continue to support mailman 2.xx even though it is no longer being maintained by python so hopefully we can get them involved in finding a solution.
In my environment (WHM/CPANEL) mailman version 2.1.39 is not DKIM signing the mailman emails. All other emails that my domains send out are being DKIM signed - so it looks like EXIM is doing it's job on all outgoing mail except that being sent by mailman ...
I have added you to a mailing list on my test server and will send a message out. You will see that it does not have a DKIM signature from the domain that is sending the emails out - that is if you get the email at all - I can see if your email server rejects the email - but if it does I can not see if it actually makes it to your inbox .
I will send you a separate email letting you know that I sent a message thru the mailing list - so if it does not make it to your inbox you can check your spam/junk folder.
My VPS is OS Alma Lunix 9.x on which I installed WHM/CPANEL (124.0.23), CloudLinux 9.5 and Imunify 360.
So i just sent out a message via a mailman list (members@template.missoucimasternaturalists.org <mailto:members@template.missoucimasternaturalists.org>) - lets see if you get it.
My server tells me it made it to your email server and was accepted.
JerryB
On Jan 27, 2025, at 8:40 AM, Stephen J. Turnbull <turnbull@sk.tsukuba.ac.jp> wrote:
jerry.barnabee--- via Mailman-Users writes:
CPANEL does all the heavy lifting for me - e.g. I don't have to add any code anywhere - the only thing that I have to do is make sure the correct spf, dkim and dmarc dns records exist on my name server for each of my domains- which they do. Pretty sure opendkim is not being used by CPANEL.
I assume that cPanel uses *something*, and that it's reasonably sane by default. The combination of Mailman and cPanel is common enough that I expect we would be inundated with complaints about DKIM if it wasn't. Unfortunately, cPanel doesn't seem to provide publicly available documentation, so I can't say more than that.
I check if I can see any DKIM settings in EXIM
Exim4 (unlike Postfix and Sendmail) does implement DKIM itself. It uses different criteria (probably settings in individual router or transport stanzas?) to determine how to sign a message. As far as I can see, there's nothing like the SenderHeaders parameter Mark mentioned. The documentation for current Exim4 and DKIM is in https://exim.org/exim-html-current/doc/html/spec_html/ch-dkim_spf_srs_and_dm... It looks pretty straightforward (but I haven't configured an Exim4 system in a decade).