On 2021-08-16 11:21, Ken N wrote:
I was reading this blog posting:
https://www.alexblackie.com/articles/email-authenticity-dkim-spf-dmarc/
But I am confused that, what content should DKIM signature for?
The message body or headers? what headers should be signed?
its safe ti see dkimpy as a good reference on headers that is safe to
sign
i use fuglu where defaults is Date, From, To, Subject
nothing more, other implentions can use more, but its not safe allways
to use more signed headers
https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1762059.html
hopefully 8bitmime is disabled before signing, so the signed content is
always 7bit only
reference amavisd- dkim signing howto
https://www.ietf.org/rfc/rfc6376.txt section 5.3
