[ietf-dkim] Why mailing lists should strip DKIM signatures
jason at long.name
Fri Apr 23 08:00:37 PDT 2010
On Fri, Apr 23, 2010 at 9:38 AM, John R. Levine <johnl at iecc.com> wrote:
> >> I sign all my outgoing mail, and I have a feedback loop set up with
> >> Yahoo, which being very modern and advanced keys on signatures, not IP
> >> addresses. A few days ago I sent some messages to one of the Freebsd
> >> mailing lists. Today some Yahoo user who subscribes to that list hit
> >> the spam button. Freebsd's list software (Mailman, I think) doesn't
> >> sign, and doesn't strip any headers. So what happened? Yahoo saw my
> >> signature and sent the reports to me, which was of course useless
> >> since I don't run the list.
Not completely useless, right? The message did come from you. If it really
was spam, sent from your account, you'd be glad Yahoo reported it to you.
> The list should certainly sign, but the old signature has to go, since the
> reputation of a list's mail belongs to the list, not the contributors.
I disagree. I say the reputation is partly the contributor's, partly the
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ietf-dkim