Hi, Laurent. Thanks for the response. Comments below.

On Sat, 22 Oct 2011 13:47:47 +0200, Laurent Bercot wrote:
> The mailing-list software *modifies* the message - namely, it adds a
> few headers (such as List-Unsubscribe) and removes other headers (such
> as Return-Path - for obvious reasons). So, it's normal that you cannot
> verify the signature of a message after it goes through the list.

PGP/MIME signatures are made over the body (and possibly any attachments) of the message, and specifically *not* the headers [0]. Signatures in fact can't be made over headers, since obviously the headers change frequently during the delivery of a message, and if signatures were made over the headers as well the signatures would always break.

But in fact it has become clear that the problem is not with the signatures. Alex sent a PGP/MIME signed message to the list that appeared to come through with no problems at all (that I can tell). See below for more information.

> The adding and removal of headers should be perfectly safe and I don't
> think there's a bug in there. On the other hand, there *might* be a
> problem with the handling of MIME types, because it's something
> complex. The set of MIME types that are forbidden (i.e. if such a MIME
> type is encountered in a multipart message, the corresponding part of
> the message will be deleted) is the default set for the version of
> ezmlm-idx I am using. It includes text/html; it does not include
> text/plain, of course; and it does not include
> application/pgp-signature.

The removal of MIME parts could definitely break signatures if the signature was made over the removed part.

> Since messages are modified when going through the list, it makes no
> sense to sign them, so I might as well add application/pgp-signature
> to the list of removed MIME parts, and end this bit of confusion.

I disagree. One of the main reasons one signs messages is to verify that they were not modified in transit.

But that said, I can understand that a mailing list would want to scrub messages of potentially dangerous parts. However, OpenPGP signatures are not damaging, and as long as the signatures cover only other benign parts, such as text/plain (as were my messages), then there's no reason for the mailing list to mangle them.

I am subscribed to literally dozens of mailing lists, and I sign my messages to all of them. This is the only list I've ever encountered where this is an issue.

> If you think you have exhibited a real bug, such as a text/plain part
> of a MIME message being removed, please send proof to me: a message
> sent 1. to the list and 2. directly to me (using the address in the
> "From:" header of this message, and replying to the confirmation
> request), so I can compare the two and use it to investigate. But
> ezmlm-idx has worked flawlessly for years, and the MIME filter has
> been treating us pretty well, so I don't think there's a bug involved
> - at most, a misconfiguration on my part is possible.

I actually think this is a real bug. Even a misconfiguration should not produce the effect that we're seeing. I've attached two messages below: the original of a message I sent to the list, and what I received back from the list. The only problem is that a single MIME content boundary has been removed, without removing anything else in the message. This of course breaks the MIME structure, making the message unrenderable.

What's strange is that Alex's signed message sent to the list was *not* mangled in the same way. The only thing I can think of is that for some reason the list software doesn't like the string used as the content boundary in my message ("--=-=-="), but doesn't mind the one that Alex used ("V88s5gaDVPzZ0KCq").

Anyway, thanks for looking into this, Laurent. I hope you can find the bug. Let me know if there's anything else I can do to help.

jamie.

[0] http://tools.ietf.org/html/rfc3156
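Added example, not part of the original message or of ezmlm-idx: a Python check that compares the sent and list-delivered copies of a PGP/MIME message, showing that an added header leaves the signed part untouched while a dropped delimiter line breaks the MIME structure. It assumes the boundary parameter is `=-=-=` (so delimiter lines read `--=-=-=`) and drops the first delimiter, since the message does not say which one was lost; the addresses, the signature placeholder and the helper names are constructed.

```python
from email import message_from_bytes

# Constructed sample message (RFC 3156 layout); the signature is a placeholder.
ORIGINAL = (
    b"From: sender@example.org\r\n"
    b"Subject: test\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/signed; boundary="=-=-="; '
    b'protocol="application/pgp-signature"\r\n'
    b"\r\n"
    b"--=-=-=\r\n"
    b"Content-Type: text/plain\r\n"
    b"\r\n"
    b"Hello list.\r\n"
    b"--=-=-=\r\n"
    b"Content-Type: application/pgp-signature\r\n"
    b"\r\n"
    b"(placeholder signature)\r\n"
    b"--=-=-=--\r\n"
)
# Constructed list copies: one with an added header, one missing a delimiter.
WITH_LIST_HEADER = b"List-Unsubscribe: <mailto:unsub@example.org>\r\n" + ORIGINAL
BOUNDARY_REMOVED = ORIGINAL.replace(b"--=-=-=\r\n", b"", 1)

def signed_part(raw):
    """Return the first body part (its MIME headers included), or None if
    the message is not a well-formed two-part multipart/signed."""
    msg = message_from_bytes(raw)
    boundary = msg.get_boundary()
    if msg.get_content_type() != "multipart/signed" or not boundary:
        return None
    delim = b"--" + boundary.encode()
    lines = raw.split(b"\r\n\r\n", 1)[1].split(b"\r\n")
    marks = [i for i, line in enumerate(lines) if line in (delim, delim + b"--")]
    # Expect two opening delimiters followed by the closing delimiter.
    if len(marks) != 3 or lines[marks[2]] != delim + b"--":
        return None
    # The CRLF before a delimiter belongs to the delimiter (RFC 2046).
    return b"\r\n".join(lines[marks[0] + 1:marks[1]])

def compare(sent, received):
    """Classify what happened to the signed part between the two copies."""
    before, after = signed_part(sent), signed_part(received)
    if before is None:
        return "sent copy is not well-formed multipart/signed"
    if after is None:
        return "MIME structure broken"
    return "signed part intact" if before == after else "signed part modified"

if __name__ == "__main__":
    print(compare(ORIGINAL, WITH_LIST_HEADER))
    print(compare(ORIGINAL, BOUNDARY_REMOVED))
```
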