Szerző: exim-users Dátum: Címzett: exim-users Tárgy: Re: [exim] Signed header list in DKIM headers
Hi Evgeniy,
On 26.01.20 18:13, Evgeniy Berdnikov via Exim-users wrote: >> The original message did only contain:
>> Subject, To, References, From, Message-ID, Date, MIME-Version, In-Reply-To, Content-Type, Content-Transfer-Encoding
>>
>> Those headers where not altered, however List-XXX-Headers where added and thus broke the initial signature (as these headers where included as). > DKIM-compliant mailing list manager should add those headers to the top,
> before DKIM signature.
That is right, however often not the case.
>> By checking more examples, I do not think that there is an generic approach to do this.
>
> Generic approach to verify original DKIM signature, drop if signature is
> invalid, then strip out all DKIM headers. Then message may be modified
> arbitrarily by mailing list manager. Finally, message can be signed again
> (using DKIM key of this list) and forwarded to subscribers.
I was looking for a way to do this already at sending time before the mailing list software is involved.