5.7.4 means "you told us not to accept your mail unless it was validly
signed and it is not".
The solution for this is to make sure that mail with a From: in a domain
that requires this is validly signed.
Yahoo does not care whether you use DKIM or DomainKeys for this purpose;
other people may well like DKIM better, making it more fun.
I note that the help page you reference mentions DKIM and DomainKeys
together every time.
If your LISTSERV
-- gets mail from somebody with a domain that requires their mail to be
validly signed (for instance, via DMARC)
-- leaves that sender's address in the From: line
-- and breaks the DKIM signature
then the mail will not deliver to recipients at Yahoo. Your choices are:
-- ask (or force) the sender to join the LISTSERV from a sending domain
that does not do this
-- modify the From: to not be in the sender's domain
-- avoid breaking the DKIM signature
-- let the mail fail
In article <ED78B1C68B84A14FA706D13A230D7B431E2B9D4D@ITS-MAIL02.campus.ad.csulb.edu> you write:
Apologies if I slept through prior discussions on the topic.
Regardless of what various aging web pages and un-upgraded mail
software might say, Domainkeys is as dead as a doornail, even at
Yahoo. Use DKIM, you'll be happier, even at Yahoo.
If your LISTSERV
-- gets mail from somebody with a domain that requires their mail to be
validly signed (for instance, via DMARC)
-- leaves that sender's address in the From: line
-- and breaks the DKIM signature
Ah, that problem.
I'd strongly suggest a shim in front of LISTSERV that checks for DMARC
policies other than p=none and rejects the incoming mail, simply to
protect other members of the list. Otherwise people who follow DMARC
advice will reject list mail and get bounced off the list. Yes, this
actually happens.