On 2017 Feb 11, 19:18, li...@lazygranch.com wrote: > So technically integrity is assured from server to server, but not between > clients and server.
That is correct. DKIM is for MTA-to-MTA integrity. I you want end-to-end (in-the-flesh sender to in-the-flesh recipient) integrity, you need to use S/MIME or PGP, which run in your MUA (mail client program) and not in the MTA (mail server program). Why is MTA-to-MTA integrity important? Because it's better than nothing (how many people do you know using S/MIME and/or PGP), and because post-Snowden it can not hurt anyway to have it. Regards, -- Josh Good
