David Gibbs a écrit : > mouss wrote: >> - this modifies the body, thus breaking signatures. when mail gets back >> to the same domain (sender and final recipient in same domain), this may >> cause problems. I agree that many lists do break signatures so the >> receiving site should cope with this, but I am not sure they really do. > > Signatures ... as in DKIM / DomainKeys? Or GPG signatures? >
any (cryptographic) signature method that is invalidated if text is added to the body. here is an example: - mail admin at example.com configures his mail system to sign all outbound mail with DKIM - he rejects any mail with a From: in his domain if it doesn't have a valid DKIM signature - j...@example.com posts to a list that appends a footer (or munges the Reply-To header, assuming this is used in the signature). - list resends the message to mx.example.com. - mail is From: j...@example.com, but it is either not signed (list removed the signature) or the sig is not valid (message altered by list). >> - the code is not trivial because of the MIME structure. > BTW. dspam once had a bug (dunno if it was fixed): when you enabled the "signature in body" option, it appended text to the body, which obviously won't work for html mail for example! > Ah, this may be the case ... I'm unfamiliar with the exact configuration of > the SA lists. On my own list server I convert everything to plain text to > avoid problems with incompatible mail clients. > yes, that usually works (in "text only" lists such as this one where we don't exchange images...). but even this is a hard game because you need to take a decision when the message is broken (incorrect html, ... etc). this is somewhat similar to the problem of browsers trying to fix incorrect html, but each browser has its heuristics, and you're never sure what the browser guessed is what the page author intended! that said, I agree that in a "text only" list, it should work correctly, and even if it does not, the fault is in the sender side ;-p >>> This is what I do for all the lists I run. Yes, some people are too dumb >>> to read that far ... but MOST people aren't. >>> >> those who send these "unsubscribe" posts do not really look at the list >> messages when they do. > > True enough. Add to those the people who think the best way to get > unsubscribed from a list is to simply report it as spam. > BTW, in .fr, most MUAs (including webmail) translate "spam" as "Messages undesirables", which most users naturally understand as a way to report mail they don't want. so even if you send them mail regularly, but there is one they didn't like, they'll hit the "This Is Spam" button. The fault is shared between the luser and the UI designer/translater! >> I am convinced that an "unsubscribe" option should be implemented in MUAs. > > I completely concur. It's not rocket science. > > I *THINK* I saw a tbird add in that implements this kind of functionality, > but it would be better as part of the core. > yep. > david >
