Mark Martinec wrote:
I'm observing regular cases of originator signature breakage
by mailing lists which DO NOT modify mail body or header in
intrusive ways. This happens every time the poster included
a Sender header field in its original posting, and then sign it.
A mailing list which replaces the original Sender by its own
causes a signature breakage, quite unnecessarily.
Unfortunately the RFC 4871 wants a Sender signed:
The following header fields SHOULD be included in the signature,
if they are present in the message being signed:
o From (REQUIRED in all signatures)
o Sender, Reply-To ...
and RFC 2822 only allows one instance of a Sender header field.
It would be nice to have a clear guideline on what a mailing list
should do with a Sender, and/or a guideline that DKIM should not sign
the Sender field if message is intended for posting.
This is a good point. What I do is _not_ sign Sender: if it is
not present in the message. Thus a mailing list that inserts Sender
won't break the first party signature. This seems to work pretty
well in real life.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html