[horde] lists.horde.org break S/MIME and DKIM
A. Schulze
sca at andreasschulze.de
Sun Dec 13 15:09:31 UTC 2015
Ralph Ballier:
> Meanwhile it works and I have an own mail certificate (look above in the
> header).
your message was modified on transit and the S/MIME signature is broken.
Probably because the listmanger ( mailman ) append a footer to each message.
One more reason to configure the listmanager not doing this anymore.
So again: my call for reconfiguration mailman to not modify all messages:
How?
https://sys4.de/en/blog/2013/08/11/dkim-konforme-mailinglisten/#mailinglisten-manager-dkim-konform
it's on german. But as summary, add this to mm_cfg.py:
# Do not break existing DKIM signatures
DEFAULT_SUBJECT_PREFIX = ""
DEFAULT_MSG_HEADER = ""
DEFAULT_MSG_FOOTER = ""
does it hurt?
mostly no:
- http://dovecot.org/list/dovecot/2014-June/096547.html
- https://unbound.net/pipermail/unbound-users/2015-July/thread.html
-
https://listi.jpberlin.de/pipermail/postfixbuch-users/2015-July/063192.html
does it safe the world?
no
there are corner cases where mailman in older versions ( < 2.1.20 )
but it help to keep email authentication valid most of the time.
not working 100% is no reason to not use 95%
Andreas
More information about the horde
mailing list