Auteur: Patrick von der Hagen Date: À: exim-users Sujet: Re: [exim] Strange problem with domainkeys
Am Montag, den 10.12.2007, 07:26 +0100 schrieb Luca Bertoncello:
[...] > Has someone an idea why it does?
>
> I think that domainkeys offer a solution to the forward... If they don't, I
> can deactivate them... :) Domainkeys works if not to much of the signed parts are altered. You
probably realised that everbody knows about the received-header-trouble,
so it is quite likely you don't a problem related to those headers.
However, a forwarding MTA might e.g. add spamassassin-headers, headers
to indicate it has been scanned for virus, etc. If we were talking about
a mailinglist, than the software might alter Reply-To, change the
subject (to include the listname), etc.
It is quite sad, but the SPF-forwarding problem would not exist if
everybody used SRS. Domainkeys has less forwarding-problems but only
works reliably if everybody uses domainkeys-aware-software which follows
some guidelines about modifying headers and content....
To cause less problems, I only add headers with exim with ":at_start:",
to avoid the signed message. Regarding domainkeys one might consider
making ":at_start:" an exim-default (perhaps a bad change...) or add
some option like "domainkey_aware" to the main section which might
enforce strice rules regarding message-modification. Might be an
interesting feature for exim 4.70 or something....
--
CU,
Patrick.