Author: Tom Kistner Date: To: David Woodhouse CC: exim-users Subject: Re: [exim] Exim Snapshot - DomainKeys support - Testers wanted
David Woodhouse wrote:
> Bear in mind that the vast majority of mailing lists _do_ add a Sender:
> header already. They don't need to re-sign the mail, and they don't need
> to refrain from altering it. We can tell what they've done.
Good, but the signature is lost anyway, so the whole message including
the signature could still be forged, and DK is then pointless. This is
what I meant with "unuseable". :)
> A DK-aware recipient should see that there is a Sender: header, which is
> obviously is newer than the From: header, and should _not_ reject the
> message if the signature from d=duncanthrax.net fails. What result does
> your implementation give on the messages you receive back from the list?
Good question. I'm not printing the results to my main log ATM. I'll try
and see.
