[Bitcoin-development] Mailman incompatibility with DKIM ...

[Warren Togami Jr.]

On Thu, Jun 18, 2015 at 11:56 PM, Mike Hearn <mike at plan99.net> wrote:

> We already removed the footer because it was incompatible with DKIM
>> signing.  Keeping the "[Bitcoin-dev] " prepend tag in subject is compatible
>> with DKIM header signing only if the poster manually prepends it in their
>> subject header.
>>
>
> I still see footers being added to this list by SourceForge?
>

The new list currently has footers removed during testing.  I am not
pleased with the need to remove the subject tag and footer to be more
compatible with DKIM users.


>
>
>> Opinions?
>>
>
> I've asked Jeff to not use his @bitpay.com account for now.
>
>
I'm guessing DKIM enforcement is not very common because of issues like
this?

It seems that Sourceforge silently drops DKIM enforced mail like
jgarzik's.  LF seems to pass along their mail but mangles the header/body
and makes DKIM verification fail, which causes gmail to toss it into the
spam folder.  I think this behavior is slightly worse than Sourceforge
because it makes the poster think their message was successfully sent (it
is in the archive), but many subscribers never see it due to the spam
binning.

I don't see any good solution to this except an auto-reject for DKIM
enforced domain postings.  Yes this is rather terrible, but the instant
rejection is vastly better than Sourceforge silently dropping the post or
LF getting stuck in spam filters.

We should also auto-reject any other reason for mail getting stuck in the
moderation queue like including non-subscribers.  I considered
auto-rejecting spam too, but that could go horribly wrong as a false From
address could make the Mailman server into a spammer itself.  We may have
no choice but to silently drop spam for that reason.

Warren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150619/f9fad649/attachment.html>