That's a very abstract definition of sender and recipient. Issues regarding mailinglists have been mentioned already, but there are more components which might damage DKIM signatures.
For example, my exchange 2013 usually handles DKIM well, e.g. a signed message received by my exchange and forwarded to an external address arrives with a correct DKIM signature. If the message is delivered to an exchange mailbox and accessed by IMAP, DKIM-verification in Thunderbird (DKIM Verifier addon) frequently fails, because somewhere in the IMAP stack some recoding seems to happen, that just isn't triggered during SMTP-handling. See https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail#Content_modification for example. So, depending on how the sender sends, how parties in between process and how the recipient accesses the message, DKIM might work for you. However, I consider it to be very brittle and "best effort", while you talk about proof of integrity, verification and receipts (sounds like accountability?). All said and done, I'd be surprised if DKIM was a good solution for your requirements. Am 23.08.2017 um 17:20 schrieb Leonardo Boselli: > Does the dkim implementation on exim sign the whole message ? > The reason I ask is because all the places that I have read say that > DKIM may sign the whole or part of messge, and i have found no option > to specify how much of messge is signed. > I would like to sign all messages that have been submitted so the > recipient not only can authenthicate the sender machine, but be also > sure of the integrity of the content. > It is required also that the recipient could handle the message > (possibly as an attachment) to a third party that could verify again > the authenticity of the message (same for the sender that would > receive back a copy to have a receipt that he really gave the messge > to that server. > Is it possible ? (actually the verification is more impoortant for the > body and attachments than for the headers) > > > -- > Leonardo Boselli > Dipartimento Ingegneria Civile e Ambientale UNIFI > tel +39 0552758808 +39 3488605348 > > > -- Karlsruher Institut für Technologie (KIT) Steinbuch Centre for Computing (SCC) Patrick von der Hagen Zirkel 2, Gebäude 20.21, Raum 004.2 76131 Karlsruhe Telefon: +49 721 608-46433 E-Mail: [email protected] Web: http://www.scc.kit.edu KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
