[CentOS] DomainKey and mailing list

Mon Oct 30 17:41:08 UTC 2006
Aleksandar Milivojevic <alex at milivojevic.org>

Hm, my previous post on subject seem to have fallen in /dev/null  
(can't find it even in list archives, strange).

Anyhow.  While on the subject of spam control.  I was playing lately  
with Domain Key (and also newer Domain Key Identified Mail) systems.   
It's currently primarly used by Yahoo and Google Mail (gmail).  For  
example, all emails from gmail.com on this list have  
DomainKey-Signature header.  Also, all of those emails fail the  
verification.  It is most likely due to the mailing list mangling the  
Subject line (addtion of [CentOS] tag) and body of the message  
(addtion of footer).

Currently, Google uses "in testing flag" in the DNS record (as can be  
seen from output of "dig beta._domainkey.gmail.com txt"), so none of  
those emails should be rejected by anti-spam software.  However, if  
they change the flags to instruct anti-spam software to reject emails  
with invalid signatures, the emails from this (and many other) mailing  
lists will start bouncing big time.

I guess if these systems become widespread in the future, either the  
mailing list will need to be updated (so that it regenerates  
signatures with its own key, as defined in proposed standards) or  
mangling of subject line and the body will have to be abandoned...   
Maybe it's a good time to start preparing for the possible future.

-- 
NOTICE: If you are not intended recipient, you are hereby notified
that by reading this message you agreed not to disturb frogs during
mating season.  For more info, visit http://www.8-P.ca/