nanog mailing list archives
Re: Are DomainKeys for e-mail signing dead?
From: "John Levine" <johnl () iecc com>
Date: 1 Mar 2014 02:41:58 -0000
If your LISTSERV -- gets mail from somebody with a domain that requires their mail to be validly signed (for instance, via DMARC) -- leaves that sender's address in the From: line -- and breaks the DKIM signature
Ah, that problem. I'd strongly suggest a shim in front of LISTSERV that checks for DMARC policies other than p=none and rejects the incoming mail, simply to protect other members of the list. Otherwise people who follow DMARC advice will reject list mail and get bounced off the list. Yes, this actually happens. R's, John
Current thread:
- Re: Are DomainKeys for e-mail signing dead? John Levine (Feb 28)
- <Possible follow-ups>
- Re: Are DomainKeys for e-mail signing dead? Elizabeth Zwicky (Feb 28)
- Re: Are DomainKeys for e-mail signing dead? John Levine (Feb 28)
- Re: Are DomainKeys for e-mail signing dead? staticsafe (Feb 28)