[gnu.org #1340375] Fwd: [sr #109593] nongnu.org mailing list is modifyin

mailman

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gnu.org #1340375] Fwd: [sr #109593] nongnu.org mailing list is modifyin

From:	Ian Kelling via RT
Subject:	[gnu.org #1340375] Fwd: [sr #109593] nongnu.org mailing list is modifying BODY rendering DKIM (and S/MIME) signature invalid
Date:	Thu, 29 Nov 2018 15:17:30 -0500

On Thu Nov 29 14:37:55 2018, address@hidden wrote:
> 
> 
> 
> -------- Message transféré --------
> Sujet :       [sr #109593] nongnu.org mailing list is modifying BODY 
> rendering DKIM (and S/MIME) signature invalid
> Date :        Thu, 29 Nov 2018 05:14:51 -0500 (EST)
> De :  Ivan Warren <address@hidden>
> Pour :        Ivan Warren <address@hidden>, address@hidden
> 
> 
> 
> URL:
> <https://savannah.gnu.org/support/?109593>
> 
> Summary: nongnu.org mailing list is modifying BODY rendering
> DKIM (and S/MIME) signature invalid
> Project: Savannah Administration
> Submitted by: ivanw
> Submitted on: Thu 29 Nov 2018 10:14:50 AM UTC
> Category: Project mailing lists
> Priority: 5 - Normal
> Severity: 3 - Normal
> Status: None
> Assigned to: None
> Originator Email: address@hidden
> Operating System: Microsoft Windows
> Open/Closed: Open
> Discussion Lock: Any
> 
> _______________________________________________________
> 
> Details:
> 
> The mailmain software running on nongnu.org is altering the contents of the
> body while yet indicating the from: field is the sender.
> Because of this, any DKIM check makes the message invalid.
> If the sending domain uses DMARC, the mail may get rejected because of that.
> This means that since my domain is DMARC protected (and all my messages DKIM
> signed) - they will be rejected (and not received) by a receiving MTA that
> checks my domain's DMARC status (and makes a DKIM verification).
> 
> Furthermore, any S/MIME signature gets invalidated. (PGP/GPG won't be 
> affected
> because the modifications occur outside the signed message block)
> 
> SMTP has provision for headers specific to mailing lists and should be used
> instead of altering the message body.
> 
> 
> 
> 
> 
> 
> _______________________________________________________
> 
> Reply to this item at:
> 
> <https://savannah.gnu.org/support/?109593>
> 
> _______________________________________________
> Message sent via Savannah
> https://savannah.gnu.org/
> 

Hi Ivan,

We are aware of this issue and are working on resolving it. It will take
us a few weeks. Until then, please either

1. Do not email our mailman lists or
2. Change your DMARC policy to none or
3. Add eggs.gnu.org to your SPF policy.

-- 
Ian Kelling | Senior Systems Administrator, Free Software Foundation
GPG Key: B125 F60B 7B28 7FF6 A2B7  DF8F 170A F0E2 9542 95DF
https://fsf.org | https://gnu.org

[Prev in Thread]

Current Thread

[Next in Thread]

Fwd: [sr #109593] nongnu.org mailing list is modifying BODY rendering DKIM (and S/MIME) signature invalid, Ivan Warren, 2018/11/29
- [gnu.org #1340375] Fwd: [sr #109593] nongnu.org mailing list is modifying BODY rendering DKIM (and S/MIME) signature invalid, Ian Kelling via RT <=

Prev by Date: Fwd: [sr #109593] nongnu.org mailing list is modifying BODY rendering DKIM (and S/MIME) signature invalid
Next by Date: [gnu.org #1340354] mailing list/DMARC assistance needed
Previous by thread: Fwd: [sr #109593] nongnu.org mailing list is modifying BODY rendering DKIM (and S/MIME) signature invalid
Next by thread: listinfo does not include gnu-linux-libre
Index(es):
- Date
- Thread