On Sep 23, 2016, at 12:00 PM, Jeremy Harris <[email protected]> wrote:
> ... and doesn't say you can't add other things as well, including
> headers not present.
>
> Yes, DKIM breaks mailinglists…
Well, not entirely true. It only breaks if original signed headers are
modified. “most” should not be, and dual signing usually isn’t a problem.
But over signing most certainly does break it more. ie: Posting into a mailing
list, over signing it with List-Id that doesn’t exist when sending but is added
by the list server on the way back out.
>
>> Is there a knob to turn this back to the original functionality and “not
>> oversign” ?
>
> Not a simple knob, no.
> You could construct a non-oversigning list for dkim_sign_headers by
> using a suitably complex expansion. Probably involving ${filter…}.
I guess the “work around” to make them break less would be something like:
dkim_sign_headers =
MIME-Version:Date:From:Subject:In-Reply-To:References:Message-Id:To:CC
But something like this would work?
dkim_sign_headers = ${if def:h_Date: {Date}}
(obviously you’d have to build some lager/ugly concatenated list)
--
Robert
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP Key: 78BEDCE1 @ pgp.mit.edu
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
details at http://www.exim.org/ ##
