From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,RCVD_IN_DNSWL_MED autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 14558 invoked from network); 5 Jun 2020 15:21:35 -0000 Received: from lists1.math.uh.edu (129.7.128.208) by inbox.vuxu.org with ESMTPUTF8; 5 Jun 2020 15:21:35 -0000 Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by lists1.math.uh.edu with smtp (Exim 4.92.3) (envelope-from ) id 1jhE9D-0004qk-9j; Fri, 05 Jun 2020 10:20:43 -0500 Received: from mx1.math.uh.edu ([129.7.128.32]) by lists1.math.uh.edu with esmtps (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from ) id 1jhE98-0004nv-Ho for ding@lists.math.uh.edu; Fri, 05 Jun 2020 10:20:38 -0500 Received: from quimby.gnus.org ([95.216.78.240]) by mx1.math.uh.edu with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1jhE8X-005Hzv-0X for ding@lists.math.uh.edu; Fri, 05 Jun 2020 10:20:38 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnus.org; s=20200322; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID :Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=hqfL1ITTQ4B1RpkOnxmjCzjxNXe3XG5MEy6afWAA/T0=; b=uYmaTRq5JFP/yZMUexPZU6L/Y+ jRPmM22cMxWzOovrjMc5FoJPcufICHw2gKKZwKhR4C+0Fr4yZz0Hm6n2EIcWewxCWKbH7M88SmBNu MpDVjVHjS25ZrHd3r9j+/ttq1aGM/Oimz2M1/B3HDWDs3e5/VjjHId3klwGv1wfULIK0=; Received: from virgil.koldfront.dk ([2.110.51.43]) by quimby.gnus.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jhE8M-0002pN-Q8 for ding@gnus.org; Fri, 05 Jun 2020 17:19:54 +0200 Received: from tullinup.koldfront.dk (tullinup.koldfront.dk [192.168.1.102]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by virgil.koldfront.dk (Postfix) with ESMTPS id 5F55D168F7215 for ; Fri, 5 Jun 2020 17:19:49 +0200 (CEST) DKIM-Filter: OpenDKIM Filter v2.11.0 virgil.koldfront.dk 5F55D168F7215 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=koldfront.dk; s=mail; t=1591370389; bh=hqfL1ITTQ4B1RpkOnxmjCzjxNXe3XG5MEy6afWAA/T0=; h=From:To:Subject:Date:From; b=b09B3T1YBn9khocxOKBwg7K3B6l8CVkJkpnn/CYYBhzAVY04llRIf8er7uQxPuA19 0moTf3b0scCZjIVaykukLVNvszX+PF7AaZonAgim+tejwcuAHJyQRGMCid+9J4X6w2 T8fRSZ9G2oZXkxKGQuWopUtFvbpcrpe7Nd1fXeol/AuhcMMAzpM28GKTM5LBCBcq5q YLDibcJKnQkdGUZyFljMP0hHh4gWlouUW+5vyTqps4Ty0iMAcu/gc6GDuOosAxPij8 S1B/xt97VXTkhoxFr48hvcoFZvIOq+cuEekyEbz56dqtLYb4R/EtXCsZObhFNARuky T0jbLG2O3h0yA== Received: by tullinup.koldfront.dk (Postfix, from userid 1000) id 4DE5520198788; Fri, 5 Jun 2020 17:19:49 +0200 (CEST) X-Hashcash: 1:21:200605:ding@gnus.org::Ja8kLtOJpOETj55S:00002Rba From: =?utf-8?Q?Adam_Sj=C3=B8gren?= To: ding@gnus.org Subject: Handling DKIM for nntp articles Organization: koldfront - analysis & revolution, Copenhagen, Denmark OpenPGP: id=476630590A231909B0A0961A49D0746121BDE416; url=https://asjo.koldfront.dk/gpg.asc Mail-Follow-Up-To: never X-Face: )qY&CseJ?.:=8F#^~GcSA?F=9eu'{KAFfL1C3/A&:nE?PW\i65"ba0NS)97,Q(^@xk}n4Ou rPuR#V8I(J_@~H($[ym:`K_+]*kjvW>xH5jbgLBVFGXY:(#4P>zVBklLbdL&XxL\M)%T}3S/IS9lMJ ^St'=VZBR User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-ID: Precedence: bulk A while back I wrote a little on emacs-devel, and was a little dismayed to see my articles munged: From: =3D?UTF-8?Q?Adam_Sj=3DC3=3D83=3DC2=3DB8gren_via_=3D22Emacs_developm= ent_discussions=3D2E?=3D One thing is the double encoding of the '=C3=B8' in my last name, but why w= as From: rewritten by Mailman at all? Rereading "Actually, DMARC works fine with mailing lists"=C2=B9 today made = me realize why. Here are the key sentences: "A mailing list is going to have a hard time relaying messages for any domain that uses DMARC and SPF but not DKIM." "If the sending domain uses DKIM, it avoids the need for From-munging or other hacks. It works under the condition that the list does not modify the message." I've got SPF and DMARC configured for my domain, and my MTA does DKIM signing of all my outgoing emails. So what's the problem? I'm sending my messages to emacs-devel over nntp via Gmane! So the article doesn't pass through my MTA, and thus not through opendkim, so articles I send this way do not get DKIM signed! Various mailing lists handle this in different ways - when I post to ding via Gmane I usually get some reports about my emails being rejected in various places - this is what emacs-devel avoid by rewriting From. This also due to DKIM missing. One solution would be not to post via Gmane, but to always post via email instead. That's doable, but kind of icky/finicky. Could Gnus somehow do the DKIM signing and add the appropriate headers? Best regards, Adam =C2=B9 https://begriffs.com/posts/2018-09-18-dmarc-mailing-list.html --=20 "The light at the end of the tunnel Adam Sj=C3=B8gr= en Is nothing but the burglar alarm" asjo@koldfront.dk