On Thu, 24 Aug 2017, Jasen Betts wrote:
> Exim signs the whole message.
>
> Partial signing is done by a length "l=" being specified in the DKIM
> header. So far as I know Exim does not support creating signatures
> with that feature.
so it is good for my use !
> Messages forwaded as attachments of type "Message/RFC822" can have
> their signatures verified.
so even this is good (except that maybe not all people is able to do this
without mangling content, expecially if reading from certain webmail or
from a phone)
Remain a final question: for the domanin that is sending these messge
there are three hosts that send email. currently we have a spf record. but
only two of these machine are able to do dkim signature.
What happen if i publish a DKIM signature but go around some unsigned
messages ?
Would help not to publish the DKIM record until all the servers are ready
to sign it ? would impair server reputation sending dkim signed messges
without having the public key in the standard position, or the signature
would be just ignored ?
(for our purpose dkim signture have to be checked only by an
human to verify if a messge had really passed through our server
> --
> This email has not been checked by half-arsed antivirus software
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
--
Leonardo Boselli
Dipartimento Ingegneria Civile e Ambientale UNIFI
tel +39 0552758808 +39 3488605348
