Dnia 18.05.2022 o godz. 16:21:22 Benny Pedersen pisze: > > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=rafa.eu.org; > s=mail; > t=1652875528; bh=2fTe0Wku2vEr5oV7KaSVl+ydxyUkYkt3D6wPpZSAsOM=; > h=Date:From:To:Subject:From; > b=jaku+8LqSXgkpDyvaFSDHyVZr4qLEbQKETvzwz2Y0c89MHpnWFCPNdb/jakWt1v4X > eSjnEeYyVdE4zeHKxszhegTnUe5YquhWJ/OCkZFSQ1v05K6qam/Hdebd+VmI7yZLBM > ejVU7qLz/Y/AzPYA+Rt8vG8OPlncfY6uusyDMWSE= > > have 2 From header in h= tag, what software make this sillyness ? > > if google track this, it could matter, but reason i say it is that > From header must not be temprary or removed before dkim signing, it > can remove dkim valid auth > > is it software that create a psydo header in that case ? > > find a nother dkim signer would solve it imho
I use OpenDKIM. This may be because of the following in /etc/opendkim.conf: # Always oversign From (sign using actual From and a null From to prevent # malicious signatures header fields (From and/or others) between the signer # and the verifier. From is oversigned by default in the Debian pacakge # because it is often the identity key used by reputation systems and thus # somewhat security sensitive. OversignHeaders From I understand this is a default and recommended setting. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
