Hi Matthias!
On 24.02.25 07:55, Matthias Apitz wrote:
> I'm subscribed to some hundred technical mailing lists and do not face
> this problem with any other list, only with the PostgreSQL lists. For
> example, when I write to the list mutt-users@mutt.org <mailto:mutt-
> users@mutt.org> and my ISP 1blu.de <http://1blu.de> sends the same DKIM-
> Signature containing these List-* entries (which might be there or not,
> what I count a religious war depending of how one reads the RFC in
> question), what gets delivered by the mutt-users@mutt.org <mailto:mutt-
> users@mutt.org> list server to the subscribers, like me, DKIM related is
> only:
I think it has been explained a few times now that out options are
either to reject mails with signed List-* headers before distribution or
distribute them with a broken signature.
We will not distribute mails with broken signatures because that would
immediately cause us to get into serious blacklisting troubles with all
large mail providers worldwide - we have been there and we will not go back.
We _NEED_ our own List-* headers on our mails to comply with say gmail
policies for large senders (5k mails/24h for google and we are way above
that) and to provide easy features for our users (say one-click
unsubscribe in most popular webmail interfaces), so there is nothing we
can do here unfortunately.
>
> grep ^DKIM mutt.mail
> DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org <http://
> smtp1.osuosl.org> C3A51819CC
> DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org <http://
> smtp3.osuosl.org> 5EB3A605E8
> DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
not sure what you are try to tell us here - what is relevant is whether
the signature (if there is one) still validates and whether those lists
actually maintain List-* headers.
Stefan
