On Thu, May 20, 2010 at 3:05 PM, Murray S. Kucherawy <msk_at_cloudmark.com> wrote:
> 2) If your MLM adds a particular header to identify the list (e.g. Resent-Sender or Resent-From), add that one earlier than From in your SenderHeaders list (e.g. "SenderHeaders Resent-Sender,From"). This has a possibly annoying side-effect though, in that ADSP evaluation, if you have that enabled, will also be done based on that setting. This is probably a bug we'll need to fix in some future version.
I tested the ResignMailTo feature that SM mentioned, and it works,
kind of. It works because it signs the email, but the signature does
not verify. I disabled that and then configured the SenderHeaders
function, and it works, kind of. Again, it signs the emails that are
processed through the MLM, but for some reason, the signature is
failing. So far I have only seen it sign rejection notices to us
admins, which seems to sign the email, then pass it through mailman
once more as it sends out to us admins. Obviously something is
getting changed, I just am not sure what that is. As always, locally
generated emails from a shell account sent through the verification
reflector verify just fine, so it seems to be something that the MLM
is doing that I have not isolated.
As part of testing the ResignMailTo, I excluded the Subject field from
tests because we modify the subject by prepending the list name
[OCLUG] in front of the subject. It did not help the emails to dkim
verify.
I am going to set up a test list with only a couple of email addresses
and see what happens.
--
Regards... Todd
I seek the truth...it is only persistence in self-delusion and
ignorance that does harm. -- Marcus Aurealius
Received on Sun May 23 2010 - 23:58:22 PST