Re: [exim] Recovering DKIM signature from read email

On 2017-08-23, Leonardo Boselli <leo@???> wrote:
> Does the dkim implementation on exim sign the whole message ?
> The reason I ask is because all the places that I have read say that
> DKIM may sign the whole or part of messge, and i have found no option to
> specify how much of messge is signed.
> I would like to sign all messages that have been submitted so the
> recipient not only can authenthicate the sender machine, but be also sure
> of the integrity of the content.

Exim signs the whole message.

Partial signing is done by a length "l=" being specified in the DKIM
header. So far as I know Exim does not support creating signatures
with that feature.

> It is required also that the recipient could handle the message (possibly
> as an attachment) to a third party that could verify again the
> authenticity of the message (same for the sender that would receive back a
> copy to have a receipt that he really gave the messge to that server.
> Is it possible ? (actually the verification is more impoortant for the
> body and attachments than for the headers)

Messages forwaded as attachments of type "Message/RFC822" can have
their signatures verified.

--
This email has not been checked by half-arsed antivirus software