Am 11.09.25 um 20:38 schrieb Mark Sapiro:
On 9/11/25 10:03, Stephen J. Turnbull wrote:
I don't think Mark was suggesting that would help with the
SPOOFED_UNAUTH problem. I read his mail as saying that it needs to be
fixed because it breaks anonymous_list.
Exactly. Issue is now reported at https://gitlab.com/mailman/mailman/-/
issues/1241
In my tests, I sent an email via an anonymized list from an external
list member who signed his emails with DKIM.
The email sent via the anonymized list still contained the DKIM header
with the following information:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de;
s=s31663417; t=1757947718; x=1758552518; [email protected];
bh=vcgwKHYW2uGBjO0+fBhuE4cVWQCtMNWYPsAtoVGcSpU=;
h=X-UI-Sender-Class:Message-ID:Date:MIME-Version:To:From:Subject:
Content-Type:Content-Transfer-Encoding:cc:
content-transfer-encoding:content-type:date:from:message-id:
mime-version:reply-to:subject:to;
b=efMRr8yABy1/lYtU+rDbUup/kNJlirY6jaBCCMRbu1mHZG+6aa5jwk2+p7xSs2An
WI4aVD5Dm5LsUjEz6VIFn7mYF6yy2h7DFoFFKaysbE4SEx8z1Vz23Ob0K9KnOlUgK
fX7C+WS1Cr4rg0arSWN/OhRMHZUYwUv6q9Kk7FQcM+92UepNNsgnYNtI9NmGryL36
Ui536gOGLLqg7tpS/RkRYSvSYonHgvnsS2kM5VFdC8Ikyb6RC1Xzy5Nj3pO8xFy//
2xABTzbMuA3jnSTQ5PxlLUT7gg4c8c9WvW18+IAUIJKvedyfWgZnGRUxtDbiFKrDF
sbX47CSb1jW6b3UPOg==
This means that both the domain and the email address of the original
sender are included.
Don't all DKIM headers also have to be removed from anonymized lists?
_______________________________________________
Mailman-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/
Archived at:
https://lists.mailman3.org/archives/list/[email protected]/message/HVXV2WUHD44G6UW6ZKEIJIYKILF2MVJJ/
This message sent to [email protected]
