It's a commonly known issue with mailing lists If you've got DKIM enabled on your domain example.com, when mailman (or whatever) inserts headers the hash will no longer match.
If you've got SPF enabled on example.com then the mailing list server almost certainly isn't included. When the receiving MTA checks the domain in the from header those checks will fail. There are ways around the DKIM issue. either stripping the sig completely at the mailing list server (might cause more failures) or heavily restricting the headers used in hashing at the sending MTA. For the SPF side, not much you can do (assuming you don't want to add various 3rd party controlled servers to your spf record). Only real answer is for the list to send from its own domain, but then you start losing useful functionality. On 17 Feb 2018 19:06, "Wanderingnet" <wandering...@protonmail.com> wrote: Does anyone know why Tor Talk entries are consistently flagged as failing domain authentication, thereby as potentially spoofed? Sent from [ProtonMail](https://protonmail.com), Swiss-based encrypted email. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
