Matus UHLAR - fantomas via Postfix-users wrote in <zdeizvdskmgkq...@fantomas.sk>: ... |I can now also say that these milters: | |pyspf-milter |opendkim |opendmarc | |(at least their versions in Debian 12) | |do NOT remove existing Authentication-Results: and thus this ste is |necessary to avoid possible confusion of mail filters. | |the "openarc" milter seems to detect and remove offending header.
As a spoken out opponent of this header (*in*my*opinion* a new flag "V" for the DKIM signature that i then produce would be the signal that my email infrastructure verified (the) signature(s) on ingress side of things) as well as of SPF, ARC and DMARC i am interested in this topic. However, if i recall correctly, the very sophisticated RFC (that i read more than one year ago) speaks about trust boundaries or similar, on the background of an entire reputation system. Simply removing all instances of this header blows this up, no? Other than that i could imagine adding a flag to my maturing simple DKIM (yet sign-only) milter that removes headers as configured (Authentication-Results, X-Google-DKIM-Signature, ARC-Seal, ARC-Signature, elder DKIM-Signature). Except for the possible last Authentication-Results (of yourself/your provider) it rapidly looses its meaning, or already lost it once it arrives. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
