On Thu, 24 Aug 2017, Jasen Betts wrote:
Exim signs the whole message.
Partial signing is done by a length "l=" being specified in the DKIM
header. So far as I know Exim does not support creating signatures
with that feature.
so it is good for my use !
Messages forwaded as attachments of type "Message/RFC822" can have
their signatures verified.
so even this is good (except that maybe not all people is able to do this
without mangling content, expecially if reading from certain webmail or
from a phone)
Remain a final question: for the domanin that is sending these messge
there are three hosts that send email. currently we have a spf record. but
only two of these machine are able to do dkim signature.
What happen if i publish a DKIM signature but go around some unsigned
messages ?
Would help not to publish the DKIM record until all the servers are ready
to sign it ? would impair server reputation sending dkim signed messges
without having the public key in the standard position, or the signature
would be just ignored ?
(for our purpose dkim signture have to be checked only by an
human to verify if a messge had really passed through our server
--
This email has not been checked by half-arsed antivirus software
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
--
Leonardo Boselli
Dipartimento Ingegneria Civile e Ambientale UNIFI
tel +39 0552758808 +39 3488605348
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
