[exim-dev] [Bug 2394] DKIM docs reference obsolete RFC

Top Page

Reply to this message
Author: admin
To: exim-dev
Subject: [exim-dev] [Bug 2394] DKIM docs reference obsolete RFC

Richard James Salts <exim@???> changed:

           What    |Removed                     |Added
                 CC|                            |exim@???

--- Comment #4 from Richard James Salts <exim@???> ---
I do think oversigning all of the headers listed in the RFC is overzealous, and
is not what opendkim does (which I believe is reference implementation). I do
think that opendkim errs on the side of not oversigning enough as people can
replay signed emails and alter the appearance with common MUAs and still
validate as described at
https://noxxi.de/research/breaking-dkim-on-purpose-and-by-chance.html. At the
moment I have exim configured with dkim_sign_headers =

I subscribe to the postfix-users mailing list which is unique in that they
don't alter the subject or message body, however they do still break my
signatures by adding a Sender header, so maybe making =Sender instead might be
better as most MUAs don't display the header anyway.

You are receiving this mail because:
You are on the CC list for the bug.