dovecot mailing list (this mailing list), DKIM, SPF and DMARC
Dave McGuire
mcguire at neurotica.com
Wed Oct 12 18:28:21 UTC 2022
On 10/11/22 07:42, hi at zakaria.website wrote:
> Another update yet with a solution.
>
> I found the causing issue with DKIM and DMARC failure when a signed
> email pass through mailing list such as dovecot as I expected, it has
> nothing to do with the mailing list but it's to do with DKIM signing
> headers set. It's due to one of or several headers in the DKIM signing
> set, getting added or modified after signing at dovecot end.
>
> Anyhow, here is the DKIM signing headers set in this mailing list, that
> it should work and it will prevent the batch of DMARC emails and bad
> signature from happening again.
>
> from:from:reply-to:date:date:message-id:message-id:to:to:cc:
> mime-version:mime-version:content-type:content-type:
> in-reply-to:in-reply-to:references:references
Please forgive me for jumping in, but I just noticed this. I (like
many others) have issues with mailing lists and the flurry of DMARC
emails after posting. I'm using OpenDKIM. There's a lot of material
out there about proper configuration of DKIM, but nothing really
definitive, with lots of "it depends on your requirements" type of
noncommittal crap. Email use cases don't differ THAT much.
So does what you said above mean that you've come up with a working
configuration to address the issue of mailing lists causing DKIM to barf
due to header modifications? If so, can you tell me more about
specifically what you're doing, like which headers you're signing and
how? I've been at my wits' end with this for some time; DKIM (and SPF
etc etc) seem to be really quite awful overall.
Thanks,
-Dave
--
Dave McGuire, AK4HZ
New Kensington, PA
More information about the dovecot
mailing list