[CentOS] [OT] mail address - centos mail list

Mon Nov 10 15:17:57 UTC 2014
James B. Byrne <byrnejb at harte-lyne.ca>

On Sat, November 8, 2014 21:35, Stephen Harris wrote:
> On Sat, Nov 08, 2014 at 05:58:53PM -0800, Keith Keller wrote:
>> The fundamental reason is because Mailman is rewriting the headers in an
>> incompatible way.  It is not his site's usage of DKIM.  This is a known
>> issue with Mailman.  (I used to have a good link explaining the issue,
>> but can't find it now; if I find it later I'll post it.)
>
> So we have a 20-year old piece of technology ("mailman") and a modern
> proposal ("DKIM")... and somehow it's mailman's fault.  Uh huh.
>
> Note; it's not just mailman that has problems, it's _any_ mail forwarder.
> Going back 27 years to my first Unix account, I could create a file called
> ".forward" that would forward my mail to another address.  This is BROKEN
> by DKIM.
>
> Basically DKIM is incompatible with how internet email works.
>
> But here's the thing... I think DKIM has a potential future; we need to
> _change_ how the internet works.  So mailman will need to be rewritten;
> mail forwarders will need to change.  And so on.
>

Mailman already has been updated to ameliorate the situation.  The patches are
applied to the main trunk and the version has been updated.  However, CentOS
is, as we all know and love, a decidedly conservative collection of software. 
In my opinion it is unlikely that we will see any changes to Mailman's
behaviour in 6 and possibly not until 8, although I think it probable that
Mailman will be updated for this in 7 at some point.

For the nonce we set SPF policy to softfail and our DKIM policy is quarantine.
Thus Google is doing the right thing by flagging my messages through
CentOS.org as suspect but forwarding them on for delivery nonetheless. So long
as the MX treatment of my messages is consistent and still permits delivery
then Google places the disposition in the hands of the recipient.

Yahoo on the other hand does not. If there is an SPF failure then the messages
are discarded.  I am not sure what effect, if any, DKIM has on Yahoo.

To handle Yahoo subscribers to any ML that we run internally we arbitrarily
subscribe those addresses to the digest versions.


-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3