[Bug 1845751] Re: cc modification due to nodup setting breaks DKIM & thus DMARC

Mark Sapiro mark at msapiro.net
Fri Oct 11 14:23:08 EDT 2019

I've been thinking about this report and patch, but hadn't formed a
clear idea of a response. Now comments #2 has arrived which is really a
separate issue.

With respect to comment #2, it asserts "when the list suppresses sending
to a given user, it rewrites mail headers to drop that user from cc".
This is backwards. A member's address is removed from Cc only if the
member's "avoid duplicates" setting is off, not on. This only affects
the scenarios in that the premise becomes "User A is a user with the
feature disabled".

With respect to the original proposal/patch, I'm concerned that the
patch only bypasses the Cc alteration when the From: domain publishes a
relevant DMARC policy and won't be otherwise changed. It fails to
consider whether other DKIM signature breaking transformations such as
subject prefixing, addition of headers/footers and content filtering are
being done. I'd be more inclined to accept a new "don't break DKIM"
setting which if enabled would trump all settings that alter the message
in a DKIM signature breaking way.

However, that all said, There are a few other considerations. I will
soon release Mailman 2.1.30 which will be the last Mailman 2.1 release
from the GNU Mailman project. I think the way to deal with DMARC in the
future is with ARC, https://www.rfc-editor.org/info/rfc8617. There is
ARC support in Mailman 3, although I think it can also be implemented in
the MTA without involving Mailman.

Also, I have never fully understood why Cc dropping is dependent on the
member's "avoid duplicates" setting at all (this predates my involvement
with Mailman). It is intended to prevent Cc lists from growing without
bound in long threads where everyone is doing reply-all, but why only
Cc: and not To:, and why only addresses that don't "avoid duplicates".
In short, I'm reluctant to make a change without a clear direction which
I don't have.

** Changed in: mailman
   Importance: Undecided => Wishlist

** Changed in: mailman
       Status: New => Triaged

You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.

  cc modification due to nodup setting breaks DKIM & thus DMARC

To manage notifications about this bug go to:

More information about the Mailman-coders mailing list