On 10. 05. 23 18:43, Konstantin Ryabitsev wrote:
On Wed, May 10, 2023 at 06:19:15PM +0200, Jaroslav Kysela wrote:
On 10. 05. 23 17:34, Konstantin Ryabitsev wrote:
So, I'm just going to repeat this: operating a mailing list and remaining
DMARC compliant is perfectly possible, provided:
- the original message is DKIM-signed
- all existing headers are unmodified
- the message body is unmodified
Example of e-mail which is rejected by google's mx servers:
https://lore.kernel.org/alsa-devel/20230510142227.32945-1-vitalyr@xxxxxxxxxxxxxxxxxxxxx/raw
Thank you for this example -- it plainly illustrates the problem, which is
that Mailman 3 mangles messages.
If you compare the above message with the message that passed via vger, you
will notice what went wrong:
-CC: <alsa-devel@xxxxxxxxxxxxxxxx>, <patches@xxxxxxxxxxxxxxxxxxxxx>,
- <linux-kernel@xxxxxxxxxxxxxxx>,
- Vitaly Rodionov <vitalyr@xxxxxxxxxxxxxxxxxxxxx>
+CC: alsa-devel@xxxxxxxxxxxxxxxx, patches@xxxxxxxxxxxxxxxxxxxxx,
+ linux-kernel@xxxxxxxxxxxxxxx, Vitaly Rodionov <vitalyr@xxxxxxxxxxxxxxxxxxxxx>
For some bizarre reason Mailman-3 decided to make the CC header "more pretty"
by stripping the angle brackets around addresses. Since it's a DKIM-signed
header, this invalidates the signature and results in DMARC violations.
The answer, unfortunately, is to stop using Mailman-3. It's not usable for
patch-based workflows.
Whoops. It seems that mm3 guys knows about it:
https://gitlab.com/mailman/mailman/-/merge_requests/1039
I tried to apply the noted workaround. Crossing fingers.
Thank you for your help.
Jaroslav
--
Jaroslav Kysela <perex@xxxxxxxx>
Linux Sound Maintainer; ALSA Project; Red Hat, Inc.