From 9cfad5e40a180cf9df064de352d04e2935020e3d Mon Sep 17 00:00:00 2001
From: Malfurious <m@lfurio.us>
Date: Sat, 13 Jul 2024 03:01:46 -0400
Subject: opendkim: Check additional headers to determine sender

Despite the default semantics for `InternalHosts` option in
opendkim.conf, OpenDKIM seems to generally only consider the labeled
sender of a message when deciding whether to sign a message or validate.

This means that previously, when a message was sent to a mailing list
from a domain outside of the mailnode host, the copies of this message
that the list sent out did not get a signature applied to them.

Since we will usually be injecting headers for mailing list information,
we can search these first to determine the message envelope sender.
X-Mailing-List will be the list's full address.  Sender is added just in
case.  Advice is taken from the "Mailing Lists" section of
http://www.opendkim.org/opendkim-README

Signed-off-by: Malfurious <m@lfurio.us>
---
 opendkim/opendkim.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/opendkim/opendkim.conf b/opendkim/opendkim.conf
index 11e1ec6..659d6f1 100644
--- a/opendkim/opendkim.conf
+++ b/opendkim/opendkim.conf
@@ -14,6 +14,7 @@ Canonicalization        relaxed/simple
 #Mode                   sv
 #SubDomains             no
 OversignHeaders         From
+SenderHeaders           X-Mailing-List,Sender,From
 
 # Signing domain, selector, and key (required). For example, perform signing
 # for domain "example.com" with selector "2020" (2020._domainkey.example.com),
-- 
cgit v1.2.3