From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=0.2 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=no autolearn_force=no version=3.4.4 Received: (qmail 15989 invoked from network); 3 Nov 2023 23:15:34 -0000 Received: from mx1.math.uh.edu (129.7.128.32) by inbox.vuxu.org with ESMTPUTF8; 3 Nov 2023 23:15:34 -0000 Received: from lists1.math.uh.edu ([129.7.128.208]) by mx1.math.uh.edu with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.96.2) (envelope-from ) id 1qz3Nv-00C5Kr-0C for ml@inbox.vuxu.org; Fri, 03 Nov 2023 18:15:31 -0500 Received: from lists1.math.uh.edu ([127.0.0.1] helo=lists.math.uh.edu) by lists1.math.uh.edu with smtp (Exim 4.96.2) (envelope-from ) id 1qz3Nu-000hHp-2k for ml@inbox.vuxu.org; Fri, 03 Nov 2023 18:15:26 -0500 Received: from mx2.math.uh.edu ([129.7.128.33]) by lists1.math.uh.edu with esmtp (Exim 4.96.2) (envelope-from ) id 1qz3Ns-000hHg-0a for ding@lists.math.uh.edu; Fri, 03 Nov 2023 18:15:24 -0500 Received: from quimby.gnus.org ([95.216.78.240]) by mx2.math.uh.edu with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.96.2) (envelope-from ) id 1qz3Nm-00CESO-1Z for ding@lists.math.uh.edu; Fri, 03 Nov 2023 18:15:24 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnus.org; s=20200322; h=Content-Type:Mime-Version:References:Message-ID:Date:Subject: From:To:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=nuK9AS9uCdUzQSgem0BAaSmIVvLG9PNd0vlt8H/W3hw=; b=ul7qSFO3A5rT5UwD7IeHnffA9u A3B7LnqZgiZTu2p8J7MS5yqEYIBCgEFEJp6HQFYW+R82Gypg9LHNPViZdKQPgiBF8H7ZF/9HMnw0W uXhjCn1KaBbx+/CMlMul0KhCdEeUEmyD2867KL90jdYvSkXAnwHN9pIDFnLwzSS9AxQ8=; Received: from ciao.gmane.io ([116.202.254.214]) by quimby.gnus.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1qz3NZ-00020g-Sv for ding@gnus.org; Sat, 04 Nov 2023 00:15:08 +0100 Received: from list by ciao.gmane.io with local (Exim 4.92) (envelope-from ) id 1qz3NX-0002cw-Tr for ding@gnus.org; Sat, 04 Nov 2023 00:15:03 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: ding@gnus.org From: Eric Abrahamsen Subject: Re: resending bounces: DKIM and Message-ID: Date: Fri, 03 Nov 2023 16:14:55 -0700 Message-ID: <87msvu8m4w.fsf@ericabrahamsen.net> References: Mime-Version: 1.0 Content-Type: text/plain User-Agent: Gnus/5.13 (Gnus v5.13) Cancel-Lock: sha1:P3TUlpnrU6OQRg92OUoc8/xtNwE= List-ID: Precedence: bulk Greg Troxel writes: > I found a behavior problem that I think is a bug in both gnus and > opendkim. Headers that are supposed to be added by the originating MTA > are not removed, so the resent message has odd content: duplicate DKIM > header, and the same Message-ID: > > My system in NetBSD 9 amd64 with emacs 28.2, but I don't think that's > particularly important. > > Reproduction Recipe: > > - send a message to a mailing list that you are not subscribed to, so > that it will bounce, and CC: an actual person > - subscribe to the list and confirm > - In the summary at the bounce, S D b (gnus-summary-resend-bounced-mail) > - In the resulting message buffer, C-c C-c (realizing or not realizing > that the actual person will get a second copy) > > This seems to me to be a normal sequence of events, and I'm here because > it actually happened. It was a discussion of DKIM/DMARC configuration > for mailman, so the person in the CC: got two copies and actually > noticed that there were two DKIM headers from my domain. > > > The problem is that the message that is sent has two DKIM headers. This > is because the one that was added by the MTA on the way to the > mailinglist is present because it was in the bounce, and then opendkim > added a new one, because it just adds. > > But also, the Message-ID: was generated for the first message, and the > that is reused. That seems also like a bug. > > The proposal is to fix this by: > > * in gnus > - adding a list of headers which should be removed from bounce > messages when doing gnus-summary-resend-bounced-mail I believe this is called `message-ignored-bounced-headers'! It does not currently include DKIM-Signature, but maybe it should. I haven't actually tested this, but looking at the code I believe it should take effect in this situation. > - set the list to Message-ID and DKIM-Signature to start with This is deeper in the protocol weeds than I usually go, so this is a bit tentative, but I will note that there's a separate `gnus-summary-resend-message-edit' command, which will not preserve the Message-ID header. I think there's an argument to be made that, if you're re-sending the bounced the message, it is in fact the same message over again. If you're changing the "To:" or other headers, on the other hand, that sounds like a new message, and you should be using "S D e" instead. What do you think? Eric