no more subject prefix for xetex mailing list

Peter von Kaehne refdoc at
Mon Mar 4 14:27:59 CET 2019

The solution JISCMAIL uses is following:

From:	"VON KAEHNE, Peter (NHS .... )" <
0......0-dmarc-request at JISCMAIL.AC.UK>
Reply-To: Rural General Practitioners Association of Scotland <
Subject: Re: [RGPAS] .... 

The From header is rewritten and a unique code for the email used. I am
not sure if this new "address" has any function of any sort. 

A ReplyTo header is added with the list address. 

I am receiving this list on NHS-net which is a major user of
Microsoft's corporate email provider. The settings are paranoid and
have always been. I received many DMARC related warnings on that list
while MS and the NHS slowly tightened the rules until JISCMAIL was
amending its processing of mailing lists.  


On Mon, 2019-03-04 at 11:21 +0100, Zdenek Wagner wrote:
> Hi,
> I am afraid that the subject prefix is just one of several reasons. I
> have just examined the recent reply by Norbert Preining. Gmail
> reports:
> Further examination shows that the mail was sent from
> which is listed in SPF as a permitted sender for DKIM is
> taken from the original sender, i.e. from The
> authentication
> header says:
> Authentication-Results:;
>        dkim=fail header.s=dkim header.b=nSpPkmsD;
>        spf=pass ( domain of
> at designates
> as permitted sender)
> smtp.mailfrom=" at";
>        dmarc=fail (p=NONE sp=NONE dis=NONE)
> The detailed description of the signature says:
> DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;
> s=dkim; t=1551675717;
> bh=btyCANRBRIWj8PY5MX1c7XBCEyZHPpgSm6TopL4NIjQ=;
> h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
> b=nSpPkmsDIdLW56sQ7c6w1PYZRv4qx58amqMrkT7KIkyFd1Uk+58yr9bMjE/E7YCHf
> xlITlT1MoM5mG2pQDbdKshrzhCRF6UfymeZprptomBVtf6LBt2CuCkA+ijLG7+eEZ3
> lEN5uexB1G72AqYiihhbTrpK2pyqh1y6j54EC+CI=
> "h" shows the list of the header fields that were signed by the
> sender. If any of them is changed by the listserv, the
> signature becomes invalid. The sender decides in the corresponding
> record in the DNS what to do with such mails, it may be allowed to
> accept them but the receivers can have stricter policy and reject
> them.
> I do not know how to solve it. Probably the listserv should verify
> DMARC of a submitted message. If it decides to accept the mail and
> distribute it, the original signature should be removed, From should
> be modified so that DKIM is taken from and the headers should
> get a new signature.
> I am not an expert, it took me a long time to configure my sendmail
> to
> provide correct DMARC but this may be the way.
> Zdeněk Wagner
> po 4. 3. 2019 v 7:02 odesílatel Peter von Kaehne <refdoc at>
> napsal:
> > On Sun, 2019-03-03 at 16:05 -0700, Karl Berry wrote:
> > > Hi - I've removed the "[XeTeX]" prefix on Subject lines from this
> > > mailing list (xetex)'s messages. It is my hope that this will
> > > reduce
> > > the ever-increasing flood of dmarc failures
> > > (
> > 
> > Isn't the problem with DMARC around the FROM: header? I can not see
> > how
> > altering the subject line is going to make a blind bit of
> > difference
> > when the real problem is that the FROM header still points at the
> > author's domain.
> > 
> > Peter
> > 

More information about the XeTeX mailing list