[exim] Exim hates IPv6

Strange but true, sending mail to this list via IPv6 does not work: 2023-11-29 10:35:50.715699500 new msg 271522 2023-11-29 10:35:50.715750500 info msg 271522: bytes 2558 from qp 83701 uid 82 2023-11-29 10:35:50.726425500 starting delivery 466243: msg 271522 to remote exim-users@lists.exim.org

[exim] Re: Exim hates CNAMEs, not IPv6

It appears that Viktor Dukhovni via Exim-users said: >That text is obsolete. There is no such text in RFC5321, and >CNAME-valued mail domains have long been OK. The sending MTA (its DNS >resolver) is expected to restart the MX lookup at the target of the >CNAME, and if no MX records are found, u

[exim] Re: Oversigning Resent-xxx headers

It appears that Slavko via Exim-users said: >The docs says, that when dkim_sign_headers is not specified, **the >header names listed in RFC4871 will be used, ... >Beside the fact, that RFC4871 is obsoleted by RFC6376 (which removed >whole that list), exim implements it wrongly, as the RFC4871 men

[exim] Oversigning Resent-xxx headers

I was tracing down a strange bug in which mail sent to a role account in an IETF working group was forwarded to the recipient's Gmail account and appeared with a big ugly security warning saying invalid DKIM signature. I found that the sender's mail system adds a DKIM signature that oversigns the

[exim] Re: Oversigning Resent-xxx headers

It appears that Slavko via Exim-users said: >_DKIM_SIGN_HEADERS= >From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: >Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: >In-Reply-To:References: > > =Resent-Date:=Resent-From:=Resent-Sender:=Resent-T

[exim] Re: Oversigning Resent-xxx headers

It appears that Jeremy Harris via Exim-users said: >+ Wondering what do do when DKIM2 eventually arrives Probably look at using libraries since verification will be more complicated. We realized that every option in the existing DKIM provides a way to screw up, so we're hoping to have a lot fewe

[exim] Re: DKIM2 - was Re: Re: Oversigning Resent-xxx headers

It appears that Andreas Metzler via Exim-users said: >On 2025-07-31 Andrew C Aitchison via Exim-users >wrote: >[...] >> If it does turn out that DKIM2 verification is based on libraries, >> given the recent comments about libspf2, please ensure that that there >> is a well support and maintained

[exim] Re: Oversigning Resent-xxx headers

It appears that Andrew C Aitchison via Exim-users said: >> could you expand on that? I would have expected that >> >> * changing #define PDKIM_DEFAULT_SIGN_HEADERS in >> src/src/miscmods/pdkim/pdkim.h >> * Updating the docs, including a proper entry for doc/doc-txt/ChangeLog >> * Handling possibl