Hi! I think I have ran into this problem:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939808
My outgoing e-mails (like this one) is DKIM signed by Exim, and the
signature covers (on sending, the non-existing) List-Id header, which a
mailing list software inserts, breaking the DKIM signature for
recipients. I'm getting some DMARC reports about failures due to
invalid signatures, and these usually comes when I post something to a
mailing list. Is my analysis correct?
What do you think about the patch posted in the link above? See below.
/Simon
--- a/src/pdkim/pdkim.h
+++ b/src/pdkim/pdkim.h
@@ -26,14 +26,14 @@
#include "../blob.h"
#include "../hash.h"
-#define PDKIM_DEFAULT_SIGN_HEADERS "From:Sender:Reply-To:Subject:Date:"\
- "Message-ID:To:Cc:MIME-Version:Content-Type:"\
- "Content-Transfer-Encoding:Content-ID:"\
- "Content-Description:Resent-Date:Resent-From:"\
- "Resent-Sender:Resent-To:Resent-Cc:"\
- "Resent-Message-ID:In-Reply-To:References:"\
- "List-Id:List-Help:List-Unsubscribe:"\
- "List-Subscribe:List-Post:List-Owner:List-Archive"
+#define PDKIM_DEFAULT_SIGN_HEADERS \
+ "From:From:=Sender:Reply-To:Subject:Subject:Date:To:Cc:"\
+ "Message-ID:In-Reply-To:References:MIME-Version:"\
+ "Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:"\
+ "=Resent-Date:=Resent-From:=Resent-Sender:=Resent-To:=Resent-Cc:"\
+ "=Resent-Message-ID:"\
+ "=List-Id:=List-Help:=List-Unsubscribe:=List-Subscribe:=List-Post:"\
+ "=List-Owner:=List-Archive"
