[Mailman-Users] Striping out original DKIM header

Andrew Hodgson andrew at hodgsonfamily.org
Mon Oct 10 12:45:49 CEST 2011

Syafril Hermansyah [syafril at dutaint.co.id] wrote:

>My list has been run smoothly so far, but I got complaint from list
>member who use yahoo.com family domain, all of their own posting goes to
>to spam folder.

>I suspect this is because mailman not stripe out original DKIM header so
>that the DKIM verification going bad,


>It does pass DKIM for domain python.org but not pass (BAD) for my own
>domain (my domain has DKIM key).
>This is logically correct since DKIM also sign for content of the
>message and since Mailman alter the content I think she should remove
>original DKIM header.

Simply add the following to mm_cfg.py:


Taken from defaults.py:

# Some list posts and mail to the -owner address may contain DomainKey or
# DomainKeys Identified Mail (DKIM) signature headers <http://www.dkim.org/>.
# Various list transformations to the message such as adding a list header or
# footer or scrubbing attachments or even reply-to munging can break these
# signatures. It is generally felt that these signatures have value, even if
# broken and even if the outgoing message is resigned. However, some sites
# may wish to remove these headers by setting this to Yes.

Note that there is various discussions around this topic, I had a similar issue with Yahoo, what I ended up doing was signing the messages leaving Mailman using the MTA, and not stripping any DKIM header.  This works fine now and Yahoo subscribers are receiving mail.


More information about the Mailman-Users mailing list