Richard James Salts:
> Hi all,
>
> This is offtopic in regards to postfix but I bring it up because of the last
> few emails I've sent to the postfix mailing list.
>
> I was originally signing all the headers mentioned in rfc6376 section 5.4,
> whether they existed or not and mails to postfix mailing list failed because
> of
> the added List-* headers. I fixed that up so that it will only sign those
> headers when they exist. I now oversign only the From, Sender, Reply-to,
> Subject, Date, Message-id, To, CC, MIME-Version, Content-Type, Content-
> Transfer-Encoding, Content-ID, Content-Description, Content-Disposition, In-
> Reply-To and References.
>
> This is still leading to the postfix mailing list failing DKIM once it's added
> a Sender header for owner-postfix-us...@postfix.org. Should I stop oversigning
> the Sender header? rfc5322 says the Sender header is unique if it exists so if
> there was a sender header would the postfix maling list strip it and add it's
> own? Should majordomo at russian-caravan be adding a Resent-From or Resent-
> Sender instead of Sender in order to prevent breaking the DKIM signatures for
> final recipients of people who include a signed Sender header?
>
> Your thoughts and opinions on this would be welcomed.
I don't have problems with DKIM-signed mail that I send to this
list, but then I don't try to be clever about what existing or
non-existing headers to sign.
Wietse
