public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Adam Weiss <adam@signal11.com>
To: "Warren Togami Jr." <wtogami@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Mailman incompatibility with DKIM ...
Date: Fri, 19 Jun 2015 15:47:56 -0400	[thread overview]
Message-ID: <CAFVoEQQF2TLTMpm0DvdXJV-mG3OA6ZU0=vbX1jZdKQ53=xwuOg@mail.gmail.com> (raw)
In-Reply-To: <CAEz79PriNzD18Es60=2Nkz5U6G=Ocrm9ezJmK0P1DirdP-vPkw@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 2642 bytes --]

Hi Warren,

If you set dmarc_moderation_action to "Munge from", the list will detect
when someone posts from a domain that publishes a request for strict
signature checking for all mails originating from it (in DNS) and rewrite
the envelope-from to the list's address.  Reply-to will be added and set to
the original sender.

I think that this is probably a better way to workaround the issue (rather
than playing with getting the list to not break the signature) until these
things mature further.

Thoughts?

--adam




On Fri, Jun 19, 2015 at 6:38 AM, Warren Togami Jr. <wtogami@gmail.com>
wrote:

> On Fri, Jun 19, 2015 at 12:24 AM, Mike Hearn <mike@plan99.net> wrote:
>
>> The new list currently has footers removed during testing.  I am not
>>> pleased with the need to remove the subject tag and footer to be more
>>> compatible with DKIM users.
>>>
>>
>> Lists can do what are effectively MITM attacks on people's messages in
>> any way they like, if they resign for the messages themselves. That seems
>> fair to me!  :)
>>
>
> Mailman isn't resigning it.  Should it be?  Does other mailing list
> software?
>
>
>>
>>
>>>  I'm guessing DKIM enforcement is not very common because of issues like
>>> this?
>>>
>>
>> DKIM is used by most mail on the internet. DMARC rules that publish in
>> DNS statements like "All mail from bitpay.com is signed correctly so
>> trash any that isn't" are used on some of the worlds most heavily phished
>> domains like google.com, PayPal, eBay, and indeed BitPay.
>>
>> These rules are understood and enforced by all major webmail providers
>> including Gmail. It's actually only rusty geek infrastructure that has
>> problems with this, I've never heard of DKIM/DMARC users having issues
>> outside of dealing with mailman. The vast majority of email users who never
>> post to technical mailing lists benefit from it significantly.
>>
>> Really everyone should use them. Adding cryptographic integrity to email
>> is hardly a crazy idea :)
>>
>
> I understand the reason to protect the "heavily phished" domains.  I heard
> that LKML does not modify the subject or add a footer, perhaps because it
> would make it incompatible with DKIM of the several big corporate domains
> who participate.
>
> I suppose it is somewhat acceptable for us to remove subject tags and
> footers if we have no choice...
>
> Warren
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>

[-- Attachment #2: Type: text/html, Size: 4725 bytes --]

  parent reply	other threads:[~2015-06-19 20:17 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-06-19  9:51 [Bitcoin-development] Mailman incompatibility with DKIM Warren Togami Jr.
2015-06-19  9:56 ` Mike Hearn
2015-06-19 10:10   ` Warren Togami Jr.
2015-06-19 10:24     ` Mike Hearn
2015-06-19 10:38       ` Warren Togami Jr.
2015-06-19 10:49         ` Mike Hearn
2015-06-19 19:47         ` Adam Weiss [this message]
2015-06-19 20:44           ` Jeff Garzik
2015-06-20 18:43             ` Adam Weiss

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAFVoEQQF2TLTMpm0DvdXJV-mG3OA6ZU0=vbX1jZdKQ53=xwuOg@mail.gmail.com' \
    --to=adam@signal11.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=wtogami@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox