On Tue, May 5, 2015 at 1:24 PM, John R Levine <[email protected]> wrote:
> John’s proposal changes DKIM but also requires additional changes in DMARC >> to respect the changes that were made to DKIM when doing alignment (the >> @fs=domain is more or less the same as the Original-To below). ... >> > > It's not supposed to. The decision about whether a DKIM signature that > depends on a chained signature is valid is supposed to happen entirely > within the updated DKIM module. DMARC just uses that result. I assume the > DKIM module is able to look at all of the DKIM signatures on a message and > report back which ones are valid. > Other chatter on this list suggests that not all DKIM verifier implementations work that way, unfortunately. -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
