https://bugs.exim.org/show_bug.cgi?id=2394
Graeme Fowler <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #2 from Graeme Fowler <[email protected]> --- Notwithstanding the discussions around signing non-existent headers, the docs do indeed refer to an obsolete RFC - inconsistently, as the paragraphs above and below refer to the updated version. I'll change that in due course. Now - the other issue is that Exim has a default set of headers to sign in pdkim.h <URL:https://git.exim.org/exim.git/blob/HEAD:/src/src/pdkim/pdkim.h> 29 #define PDKIM_DEFAULT_SIGN_HEADERS "From:Sender:Reply-To:Subject:Date:"\ 30 "Message-ID:To:Cc:MIME-Version:Content-Type:"\ 31 "Content-Transfer-Encoding:Content-ID:"\ 32 "Content-Description:Resent-Date:Resent-From:"\ 33 "Resent-Sender:Resent-To:Resent-Cc:"\ 34 "Resent-Message-ID:In-Reply-To:References:"\ 35 "List-Id:List-Help:List-Unsubscribe:"\ 36 "List-Subscribe:List-Post:List-Owner:List-Archive" Sending to mailing lists with a DKIM signature including empty or otherwise non-existent headers seems... fragile, especially given the propensity of lists to add those headers themselves. What confuses me though is that IIRC back in the days of either 4.86 or 4.87, the non-existent headers *were not included* in the signature. I'm trying to determine where that behaviour changed. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
