On Tue, May 09, 2023 at 11:54:18AM +0200, Jaroslav Kysela wrote: > The signature is correct in the encapsulated original e-mail. The b4 should > be improved in my opinion. This is non-fixable. The "mitigations" send messages with a completely different message-id, and this breaks pretty much everything. For example, a message sent to another list would have the original message-id, but a different one if someone retrieves it via the alsa-project subscription. So, if someone responds to the message with the bogus rewritten message-id, it would be in the wrong place in the thread. This is just not usable for patch workflows. > For example, here is the original message: > > https://lore.kernel.org/alsa-devel/168311377075.26.14919941665402646886@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx/ This demonstrates the above problem. This message has a bogus message-id, but it sets in-reply-to of the cover letter. Someone sending their reviewed-by trailer to this patch would, in fact, send it with the cover letter as the parent (meaning it should apply to the entire series). > I guess that the vger servers have similar issues, because servers with > DMARC enabled on the ingress side can reject e-mails. It's related to e-mail > standards. It is perfectly possible to operate a mailing list server and be DMARC-compliant (at least for DKIM-signed messages) without requiring any of the horrible things mailman-3 is doing: https://begriffs.com/posts/2018-09-18-dmarc-mailing-list.html -K
