Autor: James P Roberts Data: Para: David Woodhouse, Matthew Byng-Maddick CC: exim-users Assunto: Re: [Exim] Yahoo DomainKeys...
----- Original Message -----
From: "David Woodhouse" <dwmw2@???>
To: "Matthew Byng-Maddick" <exim@???>
Cc: <exim-users@???>
Sent: Thursday, May 20, 2004 6:25 PM
Subject: Re: [Exim] Yahoo DomainKeys...
> On Thu, 2004-05-20 at 16:12 +0100, Matthew Byng-Maddick wrote:
> > The interesting problems come with lists like this one, which, very
> > sensibly, strip out unwanted attachments...
> >
> > Signed email is a disaster when dealing with mailing lists.
>
> Largely fixable, at least in theory. Sign each MIME part separately. Let
> signatures on text/* parts survive a few lines of extra crap at start or
> end.
>
> --
> dwmw2
>
Why bother signing the message DATA at all? Do we really need to verify
unchanged contents? Aren't we just trying to confirm that the connecting
host is legitimate to be sending it? Why not only sign the headers?
Still have problems with mailing lists messing with headers; but, it solves
the problem of stripped attachments, de-html-ifying M$ generated carp, etc.