== Current context ==
When someone (with a recent mailserver, I mean a DKIM-enabled mailserver) sends an email to the WMIT Mailman, it may be cases where the original DKIM firm is valid, but Mailman delivers invalid `DKIM-Signature` signature, and so the email is marked as spam and, often, discarded by receivers.
This happens because Mailman alters the original message. This happens in various ways: changing the subject, adding the prefix `[Something]`, altering the body, altering the `From:`, etc.
== Problem ==
Mailman alters the original message and it breaks the original DKIM signature.
== Ideal solution ==
1. preserve the old DKIM signature in another (non?)standard header (uhm... ?... `X-original-DKIM-Signature:`)
2. delete the sender's DKIM-Signature: since it cannot be valid anymore if Mailman changes the original message
3. just in case, introduce a new DKIM-Signature: header respecting the new message delivered from the mailing list
Having said that, I don't think this solution can be implemented easily in Mailman.
== Proposed solution ==
Edit the Mailman configuration file and set `remove_dkim_headers: yes` in order to strip the header `DKIM-Signature:` that usually contains an invalid firm, since the original message was altered by Mailman and so its crypto signature is invalid.
Related documentation explaining default value:
```
# Some list posts and mail to the -owner address may contain DomainKey or
# DomainKeys Identified Mail (DKIM) signature headers <http://www.dkim.org/>.
# Various list transformations to the message such as adding a list header or
# footer or scrubbing attachments or even reply-to munging can break these
# signatures. It is generally felt that these signatures have value, even if
# broken and even if the outgoing message is resigned. However, some sites
# may wish to remove these headers by setting this to 'yes'.
remove_dkim_headers: no
```
https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/config/docs/config.html