[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Incomplete DMARC mangling on the list (was: Re: The spiped Docker image)

On 2020-04-09 13:45, Tim Düsterhus wrote:
> Am 09.04.20 um 21:38 schrieb Vijay Kumar via spiped:
>> Is the https://hub.docker.com/_/spiped   ; a legitimate Docker image of this spiped project?I didn't see any mention of this Docker image on the https://www.tarsnap.com/index.html    ; website. 
> I noticed that the 'From' of Vijay's email was mangled by the list in
> response to, what I assume, DMARC records on the sending domain. However
> the DKIM-Signature was not stripped and fails to validate (because of
> the mangled 'From'):
>> Authentication-Results: chrono.xqk7.com;
>> 	dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=yahoo.com header.i=@yahoo.com header.b="q8zkdFPX";
>> 	dkim-atps=neutral
> I assume that this is not intended behavior.

Indeed.  Offhand I'm not sure how to obtain the right behaviour from ezmlm

Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid