Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Yahoo's DMARC debacle

49 views
Skip to first unread message

Charlie Brady

unread,
Apr 27, 2014, 11:47:36 AM4/27/14
to qps...@perl.org

I'm sure that many of you know about this:

http://www.ietf.org/mail-archive/web/ietf/current/msg87153.html

and are dealing with the fallout. I'm interested to know what people are
doing about it. Does anyone have working plugins?

I've seen suggestions about rewriting From addresses, and there's another
one here - selectively rejecting messages with troublesome From: addresses
with:

5.x.x DMARC p=reject not compatible with email sent to a mailing list

http://www.ietf.org/mail-archive/web/ietf/current/msg87253.html

Charlie Brady

unread,
Apr 27, 2014, 11:50:30 AM4/27/14
to qps...@perl.org

On Sun, 27 Apr 2014, Charlie Brady wrote:

> I'm sure that many of you know about this:
>
> http://www.ietf.org/mail-archive/web/ietf/current/msg87153.html

Here's a very clear explanation of how the problem manifests:

http://www.ietf.org/mail-archive/web/ietf/current/msg87436.html

Charlie Brady

unread,
Apr 28, 2014, 9:13:34 AM4/28/14
to Matt Simerson, qps...@perl.org

On Sun, 27 Apr 2014, Matt Simerson wrote:

> > and are dealing with the fallout.
>
> I dealt with the "fallout" on my mailing lists in May of 2013:
>
> http://matt.simerson.net/news/2013/05/01/dkim-and-mailing-lists

Your "fix":

> cd path/to/ezmlm/list; rm prefix text/trailer addtrailer

doesn't work for me:

bash-3.00$ ls prefix text/trailer addtrailer
ls: prefix: No such file or directory
ls: text/trailer: No such file or directory
ls: addtrailer: No such file or directory
bash-3.00$

So either DKIM isn't relevant, or something else in my
qpsmtpd/qmail/ezmlm-idx chain is breaking DKIM. Any suggestions?

Charlie Brady

unread,
Apr 28, 2014, 9:20:45 AM4/28/14
to qps...@perl.org

On Sun, 27 Apr 2014, Matt Simerson wrote:

> If you're operating a mailing list, you have 3 choices:
>
> 1. Don't break DKIM
> 2. If you insist upon breaking DKIM by adding subject prefixes and message trailers, take ownership of the message by changing the From address to your own domain.
> 3. Alter the From address and add the original senders address to the Reply-To header.

So my question remains, does anyone have working qpsmtpd plugins for doing
such transformation on mailing list messages?

Charlie Brady

unread,
Apr 28, 2014, 2:00:43 PM4/28/14
to qps...@perl.org

On Mon, 28 Apr 2014, Matt Simerson wrote:

> > So either DKIM isn't relevant, or something else in my
> > qpsmtpd/qmail/ezmlm-idx chain is breaking DKIM. Any suggestions?
>
> If ezmlm isn't adding a list prefix or message trailers, then it's
> unlikely that ezmlm is breaking the messages DKIM signatures.
>
> Are you using any QP plugins that alter list messages?

Not specifically, and not as far as I know.

> (The addition of X-* and Received headers are generally DKIM agnostic).
> Altering any message header specifically listed in the DKIM-Signature h
> property, or the altering the message body (attachment stripping,
> charset conversion, etc.) are the types of changes that are likely to
> invalidate a DKIM signature.

ezmlm is quite likely to be stripping attachments.

> The way to test is create yourself a new list and subscribe to it from a
> gmail or yahoo address. Then send messages to the list and check their
> headers when they return to your freemail account. Gmail will filter
> them to the Junk folder if they fail SPF or DMARC tests.

Thanks. I'll do that, then send an invoice for my time to yahoo. :-)

>
> Matt
>
>
0 new messages