Konstantin Ryabitsev wrote in <20230612-landline-jawless-f2c113@meerkat>: |On Mon, Jun 12, 2023 at 06:45:37PM +0200, Alessandro Vesely via Gnupg-us\ |ers wrote: |>> What the list-software would need to do is to strip the original \ |>> DKIM signature |> |> Why? Original signatures can often be recovered. They shouldn't \ |> be removed |> anyway. | |If list-software is doing something to make the DKIM signature no longer |verify, it must remove the DKIM signature or rewrite the From: header to |change alignment.
My Mailman2 has "REMOVE_DKIM_HEADERS = 2". (But this will change, somewhen.) |>> or to not modify the message (at least not the designated header lines, |>> and the body). More info here: |> |> |> Omitting subject tag and footer seems to me to be worse than From: \ |> munging. | |No it isn't. Changing the subject and adding the footer is a damaging |anti-pattern from mid-nineties. If the end-user wants to filter mail, \ |they can |do it based on the List-Id header or any other criteria. Lists that \ |still do |this in 2023 need to be updated to no longer do this. That is your own biased thing to which i am totally opposed to. The traditional email way uses a single INBOX and dispatches non-deleted things from there (also automatically). I am happy that many lists i am on continue to use that subject tagging, or reintroduced it, because i get a human-compatible overview with a single glance (already thread-sorted) when i look into my INBOX. This includes IETF lists, tuhs and coff, 9fans, oss-sec and many more. (Having said that lists i read like those from NetBSD never did anything such, and did not need to change anything to work in today's email world.) |> I'd definitely recommend ARC, not the conceptual Mailman 3 version. |> However, most receivers are not yet prepared to accept it. | |ARC is just adding more things to the chain that you must explicitly trust. |It's basically an assurance from the remailer that "oh, btw, I checked this |message and its DKIM was good, trust me." It's useful for the huge mail |providers like Yahoo/Gmail/Outlook, but standing up your own ARC-signing |infrastructure is largely just wasting cycles. If you do DKIM then ARC does make sense. (I am a bit away from the standards though.) SPF/DKIM/ARC are maybe a thing, especially when being holistic; dmarc destroyed email (not), it should imho be boycotted. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) |~~ |..and in spring, hear David Leonard sing.. | |The black bear, The black bear, |blithely holds his own holds himself at leisure |beating it, up and down tossing over his ups and downs with pleasure |~~ |Farewell, dear collar bear _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
