[Mailman-Developers] Dealing with DomainKeys and DKIM

Ian Eiloart iane at sussex.ac.uk
Mon Sep 12 11:41:48 CEST 2005

--On 10 September 2005 13:03:29 -0600 Joe Peterson <joe at skyrush.com> wrote:
> What I tried was pretty simple: Mailman doesn't have to deal with these
> things itself, but if it strips the old keys from the header, the keys
> will be regenerated on the way out by the MTA, thereby making the whole
> process clean.  So the receiver of the email can at least verify that
> the mail came from the host hosting Mailman.  I suppose Mailman could
> also check email on the way in for valid keys if it wanted, but that's
> another subject...

No, the MTA should check the keys. That is; if you ever want to reject mail 
on the basis of them. Mailman can't reject mail without generating 
collateral SPAM. What would be nice would be a way that Mailman *could* 
refuse to accept mail from the MTA.

You could also configure your MTA to remove the keys. I presume it will 
want to do that when forwarding mail for any reason.

Ian Eiloart
Servers Team
Sussex University ITS

More information about the Mailman-Developers mailing list