I know people think I'm wrong, but I think it needs to be looked at a
different way. As a recipient, I don't want 'proof' that this message
came from Alessandro, I want 'proof' that it came from the
ietf-822(_at_)ietf(_dot_)org mailing list.
I think you're right. I've said for years that lists should sign
their mail with their own DKIM keys, and recipients should look at
those list signatures to filter the mail.
None of the theories about why you would care about preserving
incoming signatures have ever impressed me as having any relationship
at all to the ways people actually use mailing lists. It's either a
vague "more secure", or a passive aggressive list manager who is
skilled enough to jump through hoops to preserve the signatures but
too much of a doofus to keep junk out of the list.
R's,
John
_______________________________________________
ietf-822 mailing list
ietf-822(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-822