[Mailman-Developers] Dealing with DomainKeys and DKIM
iane at sussex.ac.uk
Mon Sep 12 11:41:48 CEST 2005
--On 10 September 2005 13:03:29 -0600 Joe Peterson <joe at skyrush.com> wrote:
> What I tried was pretty simple: Mailman doesn't have to deal with these
> things itself, but if it strips the old keys from the header, the keys
> will be regenerated on the way out by the MTA, thereby making the whole
> process clean. So the receiver of the email can at least verify that
> the mail came from the host hosting Mailman. I suppose Mailman could
> also check email on the way in for valid keys if it wanted, but that's
> another subject...
No, the MTA should check the keys. That is; if you ever want to reject mail
on the basis of them. Mailman can't reject mail without generating
collateral SPAM. What would be nice would be a way that Mailman *could*
refuse to accept mail from the MTA.
You could also configure your MTA to remove the keys. I presume it will
want to do that when forwarding mail for any reason.
Sussex University ITS
More information about the Mailman-Developers