Patchwork and DMARC emails.

Wed Feb 17 23:10:06 EST 2021

On Wed, Feb 17, 2021 at 02:47:57PM +0100, Etan Kissling wrote:
> On 08.02.21, 10:33, Rosen Penev wrote:
>>> My patches don't end up in Patchwork for some reason.
>> It's because of DMARC. [..]
> 
> Thanks for the hint about DMARC leading to Patchwork issues. [..]
> 
> It seems that the OpenWrt mailing list breaks the signature by adding
> the 'openwrt-devel mailing list' footer.

IIUC, the OpenWrt mailing list software (Mailman 2.1.29, last time I
checked) does not "break the signature".

Instead, it wraps the original message and modifies the "From:" header
before distributing the mail to list subscribers.  That wrapped message
is then (either by Mailman or by the MTA, I'm not sure) provided with a
new signature that is valid for the domain in the new "From:" header.

This might seem odd, but it is a very common and reasonable workaround
for a fundamental flaw in DMARC.  See:

    DMARC introduces the concept of aligned identifiers.  Briefly, it
    means the domain in the RFC5322.From header must match the domain in
    the "d=" tag in the DKIM signature for DKIM alignment, and/or match
    the domain in the RFC5321.MailFrom field for SPF alignment.  [..]
    Unfortunately this conflicts with the ways a number of mailing lists
    and other services have operated for many years.  A number of
    approaches have been proposed: [..]

        3. Take ownership of the email message by changing the
           RFC5322.From address to one in the mailing list's domain, and
           adding a DKIM signature for that domain.  [For example:]

            B. Replace From: address, set Reply-To: to message author

            - Change the RFC5322.From address to an address within the
              mailing list's domain: user at example.com =>
              address at mailinglistdomain.com .

            - Set or change the RFC5322.ReplyTo address to the message
              author.

            - Add DKIM signature using the mailing list's domain.

Source:
https://dmarc.org/wiki/FAQ#I_operate_a_mailing_list_and_I_want_to_interoperate_with_DMARC.2C_what_should_I_do.3F

Also see: https://wiki.list.org/DEV/DMARC

> For other mailing lists that do not modify email subject and body,
> Patchwork has no problems with DMARC.  Example:
> https://patchwork.ozlabs.org/project/netfilter-devel/patch/A355CB9D-9B07-4D62-A228-A37C2660C442@apple.com/
> for mailing list: netfilter-devel at vger.kernel.org 

I don't know which headers Patchwork requires in order to be able to
process an email correctly, but if it requires a non-empty "Subject:"
header, then see:

https://mail.python.org/archives/list/mailman-users@python.org/thread/ZVM6I4UTDKHY4EKNLIBIWE4JNC2PYLIS/

Sam

-- 
A: When it messes up the order in which people normally read text.
Q: When is top-posting a bad thing?

()  ASCII ribbon campaign. Please avoid HTML emails & proprietary
/\  file formats. (Why? See e.g. https://v.gd/jrmGbS ). Thank you.