Whenever I send mail to a Debian mailing list, I receive notifications of DKIM policy violations. I've never figured out whether the problem is on my side or theirs...
The mailing list probably appends a footer that breaks the DKIM signature. This has been a known issue for basically all mailing lists for quite some time.
But you are right. This is what lists have been doing.
They may also set the X-Original-From or X-Original-Sender headers. Google Groups does it anyway. ARC will be better than that though, of course.
It's almost certainly not your problem. DKIM is a cryptographic signature of various parts of the email, which is very commonly broken in all sorts of legitimate ways by mailing lists. This has been a known failing of DKIM & DMARC for quite some time.
However the issue is fixed by the new ARC protocol though, which is supported by most major email providers & in most mailing list software as of like this year. Theoretically, just a matter of time until they update their software & the issue is resolved.
via Exim. I think the problem is not in my setup, as I only receive the notifications after I send mail to the BTS or to a mailing list, but since I have p=none in my DMARC record I haven't put much effort into figuring out exactly where the problem is.
I don't use gmail. Regardless, the notifications aren't emails. I have configured my DMARC record to request that policy violations are reported to Postmark and every few weeks I get an email from them summarizing the reports they have received.
There are basically 0 violations, until I mail the Debian BTS or a mailing list, whereupon there are dozens. So it could be a problem at my end, Debian's end, or maybe downstream of Debian (e.g., if mail for foo@debian.org is forwarded on to someone else who has a misconfigured email setup...)
Regardless, my DMARC record has p=none so these reports are informational only. On the other hand, it's basically the reason I've never gotten around to changing it to p=reject...
If you have your DMARC set up right, anyone else who tries to send email using your domain as the "from" address will trigger a DMARC violation. It may be that having your address on a public mailing list triggers spammers to try using your domain.
Many mailing list software returns header information (including, most importantly, From header) while making some modifications to the message (e.g., adding a footer or prepending some text to the Subject header).
A lot of owners reconfigured said software to rewrite the From header since Yahoo changed their DMARC policy to a hard fail and broke quite a lot of mailing lists in doing so, as the resulting backscatter caused the software to unsubscribe people from the mailing list when delivery failed if someone sent a message from their Yahoo account.
[edit] having done a bit more research, I think the problem lies with the BTS: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754809