DKIM + MailMan = Trouble

I have a couple of mail lists running on a virtual Linux box. I set them up a while ago and they kept on running for couple of years until a thing called DKIM came in through the cat door and. Unfortunately it took a while until I noticed something was wrong and even longer on how to fix it.

DKIM is a way to fight spam by automatically signing emails with a signature that tells mail servers that the email came from the right domain.

I set up Mailman, the application I use for my mail lists, to send out emails like it came from the mail list even though one of the members sent it. The reason is that when another member replies, it will be automatically sent back to the whole list instead of just one member.

Making an email look like it came from a different address will of course mess with the DKIM signature emails may have when they reach my server and that’s what happened to the mystery emails that never arrived.

Other mail servers out there discarded these emails as spam and sent me cryptic messages in my mail log.

I tried to fix this by enabling DKIM (dkim milter) on my server and adding the necessary key to my DNS entries but after a couple of tries and waiting for the DNS to reload I settled for letting Mailman just remove DKIM signatures on all emails. Voila – it works!

# Add this in your mailman config: 
# /etc/mailman/mm_cfg.py
REMOVE_DKIM_HEADERS = Yes

And I’ll save implementing mailman + DKIM for a rainy day.

This entry was posted in Linux. Bookmark the permalink.

One Response to DKIM + MailMan = Trouble

  1. Sebastian says:

    Hi there,

    just removing the DMARC Headers is a bad idea. Like… Disabling IPv6 because you didn´t know how to configure it.

    The Magic is:

    – No footer
    – No [maillinglist-foo] in subject

    The DKIM signatur includes the hole body and subject… So, don´t touch it :-D

    So long
    Sebastian

Leave a Reply

Your email address will not be published. Required fields are marked *