Re: Conditional milter_header_checks?

[Wietse Venema]

Kevin N.:
> So, *if present*, the signature should be valid.

A system that treats 'no signature' different from 'bad signature'
or 'unverifiable signature' is broken from a security point of view.
It gives an adversary more opportunties than it deserves.

        Wietse