On Fri, Nov 7, 2025 at 6:04 AM Nicolas George via ffmpeg-devel <[email protected]> wrote: > > Pavel Roslyy via ffmpeg-devel (HE12025-11-04): > > The headers that are signed for DKIM can be configured. It is not > > recommended, but if needed you can remove Subject from the list of > > signed headers. > > “Eh, Google, can I edit your DKIM settings to exclude the Subject > header, so that we can add ‘[ffmpeg-devel]’ in it?” > > I doubt they will let us.
I was misunderstanding what mailman does, so my statement was nonsense and can be disregarded. > > I had a similar situation at $dayjob where we wanted the From to have > > the user's email but the mail to be sent from our server. The solution > > I found was to include a Sender header after the From, in this case > > it should probably be "Sender: [email protected]". This should > > cause the SPF lookup to happen to ffmpeg.org instead of > > their-domain.org. Note that if the From is already [email protected] > > then > > you should not add a Sender header, according to RFC 5322. > > Too bad, DMARC killed that loophole. I did some digging and have come to the conclusion you are right. Setting "From: [email protected]" with "Sender: [email protected]" will cause SPF and DKIM to pass but DMARC will fail because neither SPF or DKIM will be in "alignment" with the mail From header. ARC (Authenticated Received Chain) could theoretically help but basically requires mail operators to put ffmpeg.org on a whitelist as a trusted signer, assuming they even support ARC. Setting From: to be @ffmpeg.org seems to be the only practical solution. Sorry for the noise. Regards, Pavel Roslyy _______________________________________________ ffmpeg-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
