22 Sep
2017
22 Sep
'17
9:51 p.m.
On 09/22/2017 05:46 AM, Steffen Nurpmeso wrote:
The mailman version i use supports REMOVE_DKIM_HEADERS
out of the
box? (This is v2.1.24, i hope that and Python2 will be maintained
for a while time.) So i have REMOVE_DKIM_HEADERS=2 which always
removes those headers, but more possibilities exist. There is
also special support for DMARC, but i never fiddled with that.
I sent a message to the Mailman users mailing list inquiring. I believe
that at least dmarc_moderation_action should be set to munge to best
deal with DMARC.
I also feel like mailing lists are their own entity, and as such,
messages should be from them. Similarly, I think replies should be
directed back to the list. I think this is especially true for
discussion type mailing lists. Thus, I would be inclined to set
from_is_list to munge also.
I feel like the best long term solution would be for remove_dkim_headers
to be set to yes, which will remove the DKIM headers if the from header
is being munged.
(I personally use SPF -all and hope for the day DNS
via DTLS or
TLS finally becomes reality. I never understood DNSSEC as such.)
I've been using DNSSEC for multiple years and have had very few problems
with it. Usually it's because I hand edit my zone and bork something.
I also look forward to the encryption ~> privacy that DNS over DTLS will
provide (as I understand it) but I wonder what additional protection
DTLS will provide compared to what DNSSEC provides.
--
Grant. . . .
unix || die