BUG #18822: mailing lists reject mails due to DKIM-signature - Mailing list pgsql-bugs
| From | PG Bug reporting form |
|---|---|
| Subject | BUG #18822: mailing lists reject mails due to DKIM-signature |
| Date | |
| Msg-id | 18822-25d115fe42e642c2@postgresql.org Whole thread Raw |
| Responses |
Re: BUG #18822: mailing lists reject mails due to DKIM-signature
|
| List | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 18822
Logged by: Matthias Apitz
Email address: gurucubano@googlemail.com
PostgreSQL version: 16.5
Operating system: SuSE Linux SLES 15 SP6
Description:
This is not strictly a PostgreSQL software problem, but one of the
configuration and administration of the community mailing list. Please
change the place for this issue accordingly.
I'm an active member of the community for many years (check the archives for
my name). Since some days, all my mails to the PostgreSQL lists get rejected
with a message:
Your message to pgsql-bugs with subject
Re: BUG #18817: Security Bug Report: Plaintext Password Exposure in
Logs
has been rejected by a moderator and will not be posted.
The reason given for rejection was:
This email has a DKIM signature on the List- headers of
the email, indicating that it is not allowed to pass this
email on through a mailinglist
...
I investigated this on my side and the reason is that my ISP 1blu.de adds
since January 20 2025 a DKIM-Signature to all my outgoing mails of:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=unixarea.de
; s=blu3434000;
h=Content-Transfer-Encoding:Content-Type:MIME-Version:
Reply-To:Message-ID:Subject:To:From:Date:Sender:Cc:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=mUXCo4CB5VS0jsNsC2LeR8NOxLomD73G556GgsVmluA=;
b=nlMvRnatrYiMjStI6F/rnF2zbZ
DqqjgqpA4fezouBgwHPPz+VAN+msCPqY+I6oQa1B6eP5bNZhr9bi8UCvVvRmTWX+LC74GdzsYsfR9
5zDhdwYSgxaU6fW4CbtGfhZT+v/lH+x2sPi3OEdBPIEdeuHstof32yzBm00xnRX0MttjZx8E9ReyG
GHBKSuWo9f80m9Y4VamhplV99V5aMxJZOU+MNVU/Jfdj9h4Q5aMfEtwT+SOCPBBoze7wFOpXRvQOd
MdYA7FtH3uUlpMn0FwqpopXHqTl7Xs+cKxT/AZwRnogqdwsFmQg3fMf0/Tr8gMAPGluXkdpC8kKog
qw+9X8Sg==;
i.e. the header lines of List-* are part of the DKIM signed lines.
I can't change this, as the signing is done by the MTA of 1blu.de. I raised
a ticket there, but without any luck until now.
On the other hand, the RFC 6576 explicitly allows this, see the chapter
5.4.1. Recommended Signature Content
and explains in B.2.3. Mailing Lists and Re-Posters
what mailing-list should do:
A Forwarder that does not modify the body or signed header fields of
a message is likely to maintain the validity of the existing
signature. It also could choose to add its own signature to the
message. ...
Rejecting the mails should not be done and is IMHO a bug!
Please fix this.
pgsql-bugs by date: