Mlist Working Group Meeting

Serge Olivier discussing the Domain Keys Identified Mail (DKIM) anti-spam systems.

Craig Hancock discussing RPM packages for Linux installs.

DKIM – PKI is not required since the public keys are published via DNS. You don’t have to distribute private keys to end users. Keys are added by the first MTA. It does require SMTP/AUTH inside the domain.

With DKIM – some headers are part of the digital signature. There could be transformation of the message somewhere along the way. Canonization algorithm is used so that some changes will not break the signature: removal of white space, empty lines etc.

Antispam filters want to use reputation services. These services are only useful if you are sure that sender hasn’t been spoofed.

DKIM doesn’t specify how Mailing List Management software should handle the signing and forwarding of the email. The MLM could be a thin as possible, the MLM could remove the first signature and resign the email or the MLM could add a second signature.

Hopes for approval by IETF.

Craig Hancock – University of Notre Dam

RPM Packages for Sympa under Linux.