mailman, yahoo! and DKIM signatures
Situation:
A user from charite.de is using the R-project mailinglist (mailman) to ask a valid question about the R-Project
All our mails are DKIM signed.
Now a list member of the R-project mailinglist at Yahoo! uses the "This is Spam" button to report the mail as unwanted, and subsequently I (as postmaster for Charite) receive a spam complaint.
Problem:
Yahoo! seems to "trust" the DKIM header and thus indentifies charite.de as sender, but in fact it's the R-project mailinglist which distributed the mail.
I would very much prefer *THEM* to receive the "spam"-complaints, since there's nothing *I* can do (e.g. like unsubscribing the miscreants from the R-project mailinglist).
So, shouldn't mailman strip existing DKIM headers before distributing the mail?
-- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt@charite.de | http://www.charite.de
On 8/25/2011 12:13 AM, Ralf Hildebrandt wrote:
Situation:
A user from charite.de is using the R-project mailinglist (mailman) to ask a valid question about the R-Project
All our mails are DKIM signed.
Now a list member of the R-project mailinglist at Yahoo! uses the "This is Spam" button to report the mail as unwanted, and subsequently I (as postmaster for Charite) receive a spam complaint.
Problem:
Yahoo! seems to "trust" the DKIM header and thus indentifies charite.de as sender, but in fact it's the R-project mailinglist which distributed the mail.
I would very much prefer *THEM* to receive the "spam"-complaints, since there's nothing *I* can do (e.g. like unsubscribing the miscreants from the R-project mailinglist).
So, shouldn't mailman strip existing DKIM headers before distributing the mail?
This is controversial. See <http://www.google.com/search?q=site:mail.python.org+inurl:mailman-developers+dkim>, in particular, the thread beginning at <http://mail.python.org/pipermail/mailman-developers/2007-February/019346.html>. Beginning with Mailman 2.1.7, Mailman unconditionally removed DKIM and domainkey signature headers from incoming posts. Then, due to the controversy, beginning with 2.1.10 there is a Defaults.py/mm_cfg.py setting REMOVE_DKIM_HEADERS which controls this and which defaults to No.
I understand that this doesn't help your situation, and trying to convince all the potential operators of Mailman installations that host lists that your users might mail to might be even more frustrating/futile than trying to get Yahoo to do the right thing, but based on past discussions, it seemed that defaulting Mailman's DKIM signature removal to No was the right thing for Mailman.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
- Mark Sapiro <mark@msapiro.net>:
This is controversial. See <http://www.google.com/search?q=site:mail.python.org+inurl:mailman-developers+dkim>, in particular, the thread beginning at <http://mail.python.org/pipermail/mailman-developers/2007-February/019346.html>. Beginning with Mailman 2.1.7, Mailman unconditionally removed DKIM and domainkey signature headers from incoming posts. Then, due to the controversy, beginning with 2.1.10 there is a Defaults.py/mm_cfg.py setting REMOVE_DKIM_HEADERS which controls this and which defaults to No.
I understand that this doesn't help your situation, and trying to convince all the potential operators of Mailman installations that host lists that your users might mail to might be even more frustrating/futile than trying to get Yahoo to do the right thing, but based on past discussions, it seemed that defaulting Mailman's DKIM signature removal to No was the right thing for Mailman.
Well, it's good to hear somebody put some thought into this :)
-- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt@charite.de | http://www.charite.de
participants (2)
-
Mark Sapiro
-
Ralf Hildebrandt