From: russell@coker.com.au (Russell Coker)
Date: Mon, 15 Aug 2016 17:58:38 +1000
Subject: [refpolicy] DKIM signatures
In-Reply-To: <201608011139.07442.russell@coker.com.au>
References: <201608011139.07442.russell@coker.com.au>
Message-ID: <8086640.4ebLZzpxHe@russell.coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Monday, 1 August 2016 11:39:07 AM AEST Russell Coker wrote:
> This list server adds "[refpolicy]" to the subject and also adds a list
> footer before sending out mail.  To preserve DKIM signatures the sender can
> manually add "[refpolicy]" when starting a new thread.  Also a sender who
> controls the DKIM policy for their domain can add the "l=" flag to sign
> only the length of the original message so that the footer doesn't break
> the signature.
> 
> Is it possible to enable the l= flag on Gmail DKIM signatures?  If not then
> I think it's necessary to either remove the list footer or enable the DKIM
> feature in mailman where it sets the From: field to the list address and
> allows the list sender to apply their own DKIM signature to the outbound
> mail.

http://krebsonsecurity.com/2016/07/trump-dnc-rnc-flunk-email-security-test/

DKIM and DMARC (which depends on it) are gaining popularity.  The above 
article isn't about politics (I really hope no-one will say "vote for the 
candidate with the best mail server") but about the expectations of modern 
mail servers.  Probably everyone here should read all of Krebs articles as he 
writes a lot of stuff that's relevant to us.

Tresys people, when will get get this list fixed?

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/