--On 10 December 2007 11:42:27 +0100 Luca Bertoncello <[EMAIL PROTECTED]> wrote:
> >> Not really an Exim question, but... DomainKeys can survive forwarding >> if the forwarding process doesn't alter any of the headers used in the >> signing process. > > Sure, but it signs always the "Received", too... And this IS altered, of > course, by every MTA... Received headers are added by every MTA, so it's conceivable that a recipient implementation could look for a subset of headers which matches the signature. A good algorithm would be to start with just the oldest Received header, and add newer ones until you get a match. My guess it that you'd often get a match on just the one header. That might not be as easy to implement as simply ignoring DK signatures that sign the Received header, or even rejecting them and letting the sender sort out the mess! -- Ian Eiloart IT Services, University of Sussex x3148 -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
