no more subject prefix for xetex mailing list

Zdenek Wagner zdenek.wagner at gmail.com
Mon Mar 4 11:21:03 CET 2019


Hi,

I am afraid that the subject prefix is just one of several reasons. I
have just examined the recent reply by Norbert Preining. Gmail
reports:
SPF: PASS, DKIM: FAIL, DMARC: FAIL.

Further examination shows that the mail was sent from 91.121.174.77
which is listed in SPF as a permitted sender for tug.org. DKIM is
taken from the original sender, i.e. from logic.at. The authentication
header says:

Authentication-Results: mx.google.com;
       dkim=fail header.i=@logic.at header.s=dkim header.b=nSpPkmsD;
       spf=pass (google.com: domain of
tex-live-bounces+zdenek.wagner=gmail.com at tug.org designates
91.121.174.77 as permitted sender)
smtp.mailfrom="tex-live-bounces+zdenek.wagner=gmail.com at tug.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=logic.at

The detailed description of the signature says:

DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=logic.at;
s=dkim; t=1551675717; bh=btyCANRBRIWj8PY5MX1c7XBCEyZHPpgSm6TopL4NIjQ=;
h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
b=nSpPkmsDIdLW56sQ7c6w1PYZRv4qx58amqMrkT7KIkyFd1Uk+58yr9bMjE/E7YCHf
xlITlT1MoM5mG2pQDbdKshrzhCRF6UfymeZprptomBVtf6LBt2CuCkA+ijLG7+eEZ3
lEN5uexB1G72AqYiihhbTrpK2pyqh1y6j54EC+CI=

"h" shows the list of the header fields that were signed by the
logic.at sender. If any of them is changed by the listserv, the
signature becomes invalid. The sender decides in the corresponding TXT
record in the DNS what to do with such mails, it may be allowed to
accept them but the receivers can have stricter policy and reject
them.

I do not know how to solve it. Probably the listserv should verify
DMARC of a submitted message. If it decides to accept the mail and
distribute it, the original signature should be removed, From should
be modified so that DKIM is taken from tug.org and the headers should
get a new signature.

I am not an expert, it took me a long time to configure my sendmail to
provide correct DMARC but this may be the way.



Zdeněk Wagner
http://ttsm.icpf.cas.cz/team/wagner.shtml
http://icebearsoft.euweb.cz

po 4. 3. 2019 v 7:02 odesílatel Peter von Kaehne <refdoc at gmx.net> napsal:
>
> On Sun, 2019-03-03 at 16:05 -0700, Karl Berry wrote:
> > Hi - I've removed the "[XeTeX]" prefix on Subject lines from this
> > mailing list (xetex)'s messages. It is my hope that this will reduce
> > the ever-increasing flood of dmarc failures
> > (https://en.wikipedia.org/wiki/DMARC).
>
> Isn't the problem with DMARC around the FROM: header? I can not see how
> altering the subject line is going to make a blind bit of difference
> when the real problem is that the FROM header still points at the
> author's domain.
>
> Peter
>



More information about the XeTeX mailing list