Author: Tom Kistner Date: To: Ian FREISLICH CC: exim-users Subject: Re: [exim] Experimental domainkeys and headers...
Ian FREISLICH wrote:
> The X-virus-scanned header can be added above the Domainkey-signature
> because it's added by an ACL. But the other headers added at
> delivery time are added by the transport and they break the DK
> signature. Also, if someone has delivered a mail that has any of
> my removed headers:
Are you sure about that? I made the signing process so that it signs the
messages just as it goes down the delivery fd (that may be a TLS fd).
That should even be after a transport filter.
As for the problem of removing existing headers that are part of an
already present signature: Don't do that. At least for the time being.
There may be a flag that "protects" such headers in the future. :)