[SAC] [postgis-devel] DMARC/DKIM mitigation on maling lists
Sandro Santilli
strk at kbt.io
Fri Oct 27 01:20:33 PDT 2023
[ moving conversation to SAC mailing list as I think it belongs there ]
On Thu, Oct 26, 2023 at 02:08:45PM +0200, Sandro Santilli via postgis-devel wrote:
> Ok, this is now live for postgis-tickets. I had to:
>
> 1. Set "Replace the From" to "no"
> https://lists.osgeo.org/mailman/admin/postgis-tickets/general
>
> 2. Disable "Reply-to" munging
> https://lists.osgeo.org/mailman/admin/postgis-tickets/general
>
> 3. Remove footer from the non-digest options
> https://lists.osgeo.org/mailman/admin/postgis-tickets/nondigest
>
> You can see the subsequente differences from the archive:
> https://lists.osgeo.org/pipermail/postgis-tickets/2023-October/date.html
Laurențiu (in Cc) tested sending a DKIM-signed email to the
postgis-tickets configured as mentioned above and the mail was found
to still break the DKIM signature.
Here's what I get as Authentication-Results header when the mail arrives
to my mailbox:
Authentication-Results:
dkim=fail ("headers rsa verify failed") header.d=dend.ro header.s=fm2 header.b="HQmGmY/I";
dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm3 header.b=o8qZA0x2;
dmarc=fail reason="SPF not aligned (relaxed)" header.from=dend.ro (policy=quarantine);
spf=pass
Magnus: if we wanted to compare with PostgreSQL lits, would any of
those lists be good test targets ?
Does anyone know if this the DKIM failures above could still have to do with
mailman configuration ?
NOTE: I've set Reply-To: sac at lists.osgeo.org but I'm not sure how
postgis-devel and sac mailman lists will threat it...
--strk;
More information about the Sac
mailing list