A. Schulze wrote in
<[email protected]>:
|Am 23.05.24 um 20:13 schrieb John Levine:
|> Do you remember what opendkim does? A quick look at the code wasn't \
|> too enlightening.
|
|OpenDKIM sign 'from' and this set of header without further configuration:
|https://github.com/trusteddomainproject/OpenDKIM/blob/master/libopendkim\
|/dkim.c#L221-L245
|
|I've these two settings:
|SignHeaders csl:*,+autocrypt,+content-transfer-encoding,+content-typ\
|e,+message-id,+mime-version,+openpgp,+resent-message-id
|OversignHeaders csl:autocrypt,cc,content-transfer-encoding,content-type,\
|date,from,in-reply-to,message-id,mime-version,openpgp,references,subject,to
|
|https://manpages.debian.org/bookworm/opendkim/opendkim.conf.5.en.html#Si\
|gnHeaders
|https://manpages.debian.org/bookworm/opendkim/opendkim.conf.5.en.html#Ov\
|ersignHeaders
|
|since years no (known) issues ...
One needs specific sets for personal email or when driving
a mailing-list, at least for the oversigning (that i call
sealing); i document the sealing built-in list (for my one) like
Remarks: In order not to break mailing-list posts (handled by
software which does not recognize message signatures) the built-
in defaults exclude ‘Reply-To’ and all the mailing-list related
fields of RFC 2369. In order to ease DKIM signing for mailing-
lists as such sealing provides another built-in default, ad‐
dressable via plus sign ‘+’.
Only to mention it.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
