[Mailman-Users] mailman, yahoo! and DKIM signatures

Mark Sapiro mark at msapiro.net
Thu Aug 25 19:12:21 CEST 2011

On 8/25/2011 12:13 AM, Ralf Hildebrandt wrote:
> Situation:
> ==========
> A user from charite.de is using the R-project mailinglist (mailman) to
> ask a valid question about the R-Project
> All our mails are DKIM signed.
> Now a list member of the R-project mailinglist at Yahoo! uses the "This
> is Spam" button to report the mail as unwanted, and subsequently I (as
> postmaster for Charite) receive a spam complaint.
> Problem:
> ========
> Yahoo! seems to "trust" the DKIM header and thus indentifies
> charite.de as sender, but in fact it's the R-project mailinglist which
> distributed the mail.
> I would very much prefer *THEM* to receive the "spam"-complaints, since
> there's nothing *I* can do (e.g. like unsubscribing the miscreants from the
> R-project mailinglist).
> So, shouldn't mailman strip existing DKIM headers before distributing
> the mail?

This is controversial. See
in particular, the thread beginning at
Beginning with Mailman 2.1.7, Mailman unconditionally removed DKIM and
domainkey signature headers from incoming posts. Then, due to the
controversy, beginning with 2.1.10 there is a Defaults.py/mm_cfg.py
setting REMOVE_DKIM_HEADERS which controls this and which defaults to No.

I understand that this doesn't help your situation, and trying to
convince all the potential operators of Mailman installations that host
lists that your users might mail to might be even more
frustrating/futile than trying to get Yahoo to do the right thing, but
based on past discussions, it seemed that defaulting Mailman's DKIM
signature removal to No was the right thing for Mailman.

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list