Hi Linus, Thanks! Its hopefully fixed now.
For those who are interested. Rspamd, by default, includes the sender address into the list of signed headers: https://www.rspamd.com/doc/modules/dkim_signing.html#default-sign_headers-after-173 > End result: the DKIM signature is guaranteed to fail after the email > has gone through a mailing list. There is RFC6377 which discusses this problem. On possible solution is a mailing list service which understands DKIM and can check/sign the messages. See: https://tools.ietf.org/html/rfc6377 > You do have a few other oddities in there (the duplication of the > common fields), but they shouldn't matter. This is actually according to RFC. Listing signed header-fields multiple times prohibits them from beeing modified and resigned my other MTAs. Thanks again, Steffen On Sun, Oct 28, 2018 at 03:53:07PM -0700, Linus Torvalds wrote: > [ This is not about your patch series per se, only about your email settings ] > > On Sun, Oct 28, 2018 at 3:20 PM Steffen Vogel <p...@steffenvogel.de> wrote: > > > > This is my first series of patches for the Linux kernel. > > I started by familiarizing myself with coding style and > > satisfying my inner OCD by cleaning the 1-wire subsystem. > > Sadly, your DKIM setup is wrong, causing all the emails to be marked > as spam when they go through a mailing list. > > Your DKIM header looks like this: > > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=steffenvogel.de; > s=2017; t=1540764601; > h=from:from:sender:reply-to:subject:subject:date:date: > message-id:message-id:to:to:cc:cc:mime-version:mime-version: > content-type:content-transfer-encoding:content-transfer-encoding: > in-reply-to:in-reply-to:references:references; > > and the problem with that is the "sender" field in there. > > A good mailing list will not change the contents of your email, or > most of the other headers, but it *will* set the sender field to the > mailing list. > > > In other words, putting the sender field as part of the DKIM-checked > headers is just wrong. It's a somewhat common mistake, but it's still > wrong. I wonder where people get their setups from, because I think > there is some DKIM guide on the internet that is actively spreading > this bad behavior. > > > Linus
