04.12.2020 17:35, Michal Suchánek пишет:
On Fri, Dec 04, 2020 at 02:57:10PM +0100, Per Jessen wrote:
Hans-Peter Jansen wrote:
Am Freitag, 4. Dezember 2020, 13:36:38 CET schrieb Per Jessen:
Michal Suchánek wrote:
No, not really. If I received opensuse lists on my personal e-mail I would be pissed off right now.
Without this change, postings with your corporate address would be quarantined or rejeted by any server that implements DMARC.
That's the point, that I don't grasp, Per. Do you say, that adding a list tag to the subject my eg. mailman results in DMARC invalidation? I cannot find a reference to this in the DMARC description.
If this is discussed elsewhere, could you point me there?
Hi Pete
I think it has been described and discussed a couple of times, but it doesn't hurt to repeat it :-)
when a domain (in this example "suse.com") uses DKIM signatures, a hash of the email contents is added to an email. The hash usually includes a selection of headers and the email body. That's the key - a selection. Does the selection ahve to include teh subject?
It is recommended but not required. OTOH receiving party is free to not trust signature if it includes "not enough" fields ... :) But reading RFC 4871: Entities such as mailing list managers that implement DKIM and that modify the message or a header field (for example, inserting unsubscribe information) before retransmitting the message SHOULD check any existing signature on input and MUST make such modifications before re-signing the message. IOW mailman /could/ check existing DKIM signature, insert ARC header that confirms that message was successfully validated and then add DKIM-Signature header that covers modified message.