On Fri, Oct 16, 2020 at 02:57:33PM +0100, Matthew Wilcox wrote: > On Fri, Oct 16, 2020 at 10:54:51AM -0300, Jason Gunthorpe wrote: > > Does anyone know who is the admin for kvack.org? > > That's Ben. Adding cc. Without suggestions for how to fix the issue, there's not much I can do. majordomo doesn't modify the message body - that was changed years ago to deal with the first round of DKIM breakage. Postfix must be mangling things, but I have no idea how to prevent that. I wish people wouldn't keep coming up with new ways to break mailing lists. -ben > > I was cleaning my GMail spam mail box and saw lots of messages from > > Jann Horn in the spam filter. Since he is not a spammer I investigated > > what is going on. > > > > I see it is because GMail is flagging all of Jann's messages as having > > a DKIM failure and Jann's employeer domain 'google.com' is enforcing a > > DMARC policy: > > > > Authentication-Results: mx.google.com; > > dkim=neutral (body hash did not verify) header.i=@google.com header.s=20161025 header.b=UzPVodG7; > > spf=pass (google.com: domain of owner-linux-mm@xxxxxxxxx designates 205.233.56.17 as permitted sender) smtp.mailfrom=owner-linux-mm@xxxxxxxxx; > > dmarc=fail (p=REJECT sp=REJECT dis=QUARANTINE) header.from=google.com > > > > Selecting a message from Jann that went through LKML and kvack: > > > > https://lore.kernel.org/lkml/20201015000041.1734214-1-jannh@xxxxxxxxxx/raw > > https://lore.kernel.org/linux-mm/20201015000041.1734214-1-jannh@xxxxxxxxxx/raw > > > > And checking the DKIM: > > > > $ opendkim-testmsg < raw.lkml > > $ opendkim-testmsg < raw.mm > > opendkim-testmsg: dkim_eom(): Bad signature > > > > Confirms that Jann sent the message correctly, but kvack is breaking > > the signature while vger is not. The DMARC policy on Jann's email is > > causing receivers to junk his email as spam. I expect I'm not the only > > one. > > > > I see that kvack is modifying the message in transit. Notably it > > changed the transfer encoding from > > Content-Transfer-Encoding: 8bit > > to > > Content-Transfer-Encoding: quoted-printable > > > > And mangled the body accordingly. Changing the > > Content-Transfer-Encoding definitely breaks the signature. > > > > This seems to be a fairly big problem - it is extra hard for people to > > contribute. Setting up a text based email flow is already hard, but > > having to also somehow obtain an email address that doesn't use DMARC > > is becoming an increasingly tough bar to clear. > > > > eg what will people even do if/when Google decides to enable DMARC on > > gmail.com as well? > > > > Is it possible that this list software can be reconfigured to match > > the vger lists that do seem to work OK? > > > > Is moving the list to vger an option? > > > > Thanks, > > Jason > > > -- "Thought is the essence of where you are now."
