Correcting myself:
On 4 Feb 2021, at 11:47, Bill Cole wrote:
However it is so easy to break a DKIM signature, especially if the
'strict' canonicalization is specified,
s/strict/simple/
The 'simple' canonicalizations for headers and body are strict in that
they do very little to eliminate the effects of legitimate modifications
often made by MTAs and MDAs. IMHO 'relaxed' still does not go far
enough, but at least it eliminates some of the worst fragilities.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
