On Sun, Oct 22, 2023 at 08:51:37PM +0100, Ray O'Donnell via Exim-users wrote:
> On 22/10/2023 20:04, Jeremy Harris via Exim-users wrote: > > > dkim-signing with the full set of headers as per the exim > > > default set above is broken > > I'll take issue with "broken". > > If (and there's the question) you think that a DKIM signature > > should detect when a message has been modified, do you not think > > that adding headers is a modification? > Definitely not broken, just a trap for the unwary... I ran into the > same problem on the PostgreSQL lists with my personal > server. Altering the list of headers included in the signature fixed > the problem. To be clear, I'm not blaming exim. It is a matter best left to configuration by each site admin. I'm just saying that because it is such a trap (thanks for the word, Ray), it's a good candidate to be written up somewhere. I wonder what the fabulous debian configuration daoes in this respect. -- Ian -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
