> * Patrick Ben Koetter via Postfix-users <postfix-users@postfix.org>:
>
>> * Gerald Galster via Postfix-users <list+post...@gcore.biz
>> <mailto:list+post...@gcore.biz>>:
>> I just wrote that because p@rick (sys4 AG) asked on the mailop mailinglist
>> 2023-02-17 "Should mailing list messages be DKIM signed? (ARC / DKIM)".
>> He was about to setup a new mailing list server with mailman 3.
>> Given there are virtually no other lists in postorious index, chances are
>> this is a new server currently only hosting the postfix mailinglist
>> and some testlists so that settings might not be final yet.
>>
>> Just out of curiosity it would have been nice to know why he made
>> that choice.
>
> You mean why I choose to use Mailman 3 and not other MLMs?
No, I meant ARC signing for this mailinglist because I do not see a lot of
benefit to verify a sender across a public mailinglist.
The MTA usually verifies DKIM and rejects mails so only valid mails reach
the mailinglist and additionally you must be a registered user to post.
From my perspective it would be sufficient to strip all incoming DKIM
headers and only sign the outgoing mail as the sender changed to
postifx-us...@postfix.org anyway.
> MLM and MM3 is modern. There are some things I don't like about MM3. If you
> come from Postfix MM3 documentation is, to put it, frustrating.
Installing mailman 3 is a small challenge, especially when mailman core
and the webui need different python versions. That may have changed and
besides that I'm running mailman 3 without issues for years. That's why
I like it although I'm more in favor of perl ;-)
> But most of all I wanted to create a Mailing list platform that is capable of
> and uses modern email technologies. We have ARC in place and need to figure
> out a few undocumented issues we still need to address before it will actually
> work. But that's a temporary problem. I want it to use ARC because even though
> it is still EXPERIMENTAL, it will likely be here to stay and ARC has been
> designed to fix the DMARC issues that had been put on our shoulders when DMARC
> was adopted by major industry players.
While I still deem dkim/arc overkill for a public mailinglist I can understand
there are reasons to showcase a complete setup with all modern technologies.
I'm not convinced arc will be widely adopted. After all it is just a solution
for forwarding/remailing, that should be avoided anyway. Forwarding/aliasing
is useful within a company or a mailprovider where it does not cause problems.
Those mostly arise when emails are forwarded between distinct mailproviders
and for those infrequent cases there are better solutions like fetchmail.
Otherwise, if it would be impossible at some time to deliver emails without
dkim and arc, it would have to become an integral part of MTAs like DANE.
Moreover antispam software needs to evaluate and build dkim/arc reputation
databases to cope with spam ... I'm not sure forwards are worth that effort.
We'll see if it's going to stay. Thanks for elaborating!
Best regards,
Gerald
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
