--On 23 April 2010 04:34:16 +0000 John Levine <johnl(_at_)iecc(_dot_)com> wrote:
For anyone who's working on the list management BCP:
I sign all my outgoing mail, and I have a feedback loop set up with
Yahoo, which being very modern and advanced keys on signatures, not IP
addresses. A few days ago I sent some messages to one of the Freebsd
mailing lists. Today some Yahoo user who subscribes to that list hit
the spam button. Freebsd's list software (Mailman, I think) doesn't
sign, and doesn't strip any headers. So what happened? Yahoo saw my
signature and sent the reports to me, which was of course useless
since I don't run the list.
Would this still be an issue if the lists were signing the outbound mail?
You'd hope that Yahoo would then send the feedback reports to the list
owner.
If that's the case, then the preferred behaviour must be to sign the
message, DKIM header included.
This is not a hypothetical problem--all of my recent Yahoo FBL reports
have been for mail I sent to mailing lists elsewhere. The lists I do
run sign their mail, and FBL reports for those lists are handled
reasonably. My scripts do what they can with this stuff, but sending
unsub commands to majordomo(_at_)freebsd(_dot_)org doesn't work.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html