Evan Burke:
I recommend including the Date and Subject fields twice in your DKIM
signature h= string, and possibly other key fields; that will break
the original signature if a second such header is later added.
Andrew C Aitchison:
What will that do to legitimate messages that pass through
a mailing list that changes the subject line but does not
use DKIM ?
On Mon, 31 Jan 2022, Al Iverson via mailop replied:
In this scenario, my mailing list manager strips the original DKIM
signature and applies its own, as I am now the party responsible for the
message. (I also rewrite the from address.) This has worked fine for me,
but not everyone is a fan of this methodology.
Yes, but I cannot control what lists do with mails I send to them,
so it would be useful to know what happens to messages that use
Evan's recommendation then go through a list that doesn't follow
your suggestion, but alters the Subject: line.
Would it create a situation where gmail rejects legitimate list messages
from me as well as the fakes ?
As a list user I don't want to throw the baby out with the bath-water.
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
