On 29 Aug 2017, at 06:00, Benny Pedersen <m...@junc.eu> wrote: > let me come with a joke now, if we stop verifying dkim to the first mail > signature and just say all under that sig is mailllist forged content we did > not open a can of worms to solve afterwards ? > > i think people need to rethink more why breaking dkim is bad
The very phrase "breaking DKIM" is a problem; it is not breaking DKIM, it is a purposeful design failure in DKIM that has *never* worked properly. No one broke it, it was designed to be broken from the start. -- Apple broke AppleScripting signatures in Mail.app, so no random signatures.