On 2023-10-23 Jeremy Harris via Exim-users <exim-users@lists.exim.org> wrote:
> On 23/10/2023 06:37, Andreas Metzler via Exim-users wrote:
> > Exim's default setting for dkim_sign_headers is
> > extremely conservative and imho does not make sense.
> It's also as per RFC 6376 Section 5.4.1. "Recommended Signature Content"
> (at least wrt. the List- headers; I didn't check them all).
> So Exim takes the opinion of the working group that defined DKIM, here.
[...]
Kind of. The RFC has big fat disclaimer that it only provides very rough
guidance ("The choice of which header fields to sign is non-obvious.")
and is very very thin on details, afaict it does not say a thing about
oversigning. Exim could claim to follow the RFC no matter whether it had
List-Id, =List-Id or +List-Id in its defaults. So exim needs to make
a deliberate choice even if it "follows" the RFC. The one chosen is not
a good one imho.
cu Andreas
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
