On 10/18/2017 02:32 PM, Grant Taylor via Mailman-Users wrote:

> I'm referring to the difference between:
> 
>  - ü      - ASCII (?)
>  - =C3=BC - quoted-printable
>  - w7w=   - base 64
>  - ü - HTML
> 
> All four representations are for the *same* letter / character / glyph /
> byte(s).

They are different ASCII representations of the same byte, yes. They are
not the same text. Sign the text, re-encode text and signature together,
anyone who cares about it can decode it back to where the signature will
match. Only, you can't do that on the MX, it has to be done on the client.

> DKIM, by design will fail if anything that is signed changes.

DKIM is designed to produce false positives. Which means DKIM-based
tests will have low specificity
(https://en.wikipedia.org/wiki/Sensitivity_and_specificity). Which makes
them bad for detecting spam. But that's OK, DMARC in general is for
*fraudulent* e-mail, not *unsolicited* e-mail.

I'm sure once I'm plagued by *fraudulent* e-mail, I'll start caring
about RFC 7489 and the rest of them. When those e-mails are from mailman
I'll start caring about what mailman does with DMARC headers. But at
this point I'd just strip them all off.

(And since I'm tripping down the memory lane:
https://catless.ncl.ac.uk/Risks/23/21#subj9.1)

-- 
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
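
An added example, not part of the original post: the thread's point that quoted-printable and base64 carry the same bytes while a DKIM body hash (`bh=`) is computed over the encoded body as transmitted, so re-encoding changes it, whereas a digest over the decoded text does not. The sample body is constructed, the helper names are hypothetical, and the plain SHA-256 `content_digest` is only a stand-in for a client-side signature such as OpenPGP.

```python
import base64
import hashlib
import quopri

# Constructed sample body containing the thread's character (U+00FC).
TEXT = "Gr\u00fc\u00dfe an die Liste\n".encode("utf-8")

def to_wire(raw: bytes, cte: str) -> bytes:
    """Transfer-encode raw bytes as a relay might when it re-encodes a body."""
    if cte == "quoted-printable":
        out = quopri.encodestring(raw)
    elif cte == "base64":
        out = base64.encodebytes(raw)
    else:
        raise ValueError(f"unsupported encoding: {cte}")
    return out.replace(b"\n", b"\r\n")  # CRLF line endings on the wire

def from_wire(wire: bytes, cte: str) -> bytes:
    """Undo the transfer encoding, as the receiving client does."""
    body = wire.replace(b"\r\n", b"\n")
    if cte == "quoted-printable":
        return quopri.decodestring(body)
    return base64.decodebytes(body)

def dkim_body_hash(wire: bytes) -> str:
    """bh= value: SHA-256 over the body after RFC 6376 'simple' canonicalization."""
    while wire.endswith(b"\r\n\r\n"):  # drop empty lines at the end of the body
        wire = wire[:-2]
    if not wire.endswith(b"\r\n"):
        wire += b"\r\n"
    return base64.b64encode(hashlib.sha256(wire).digest()).decode("ascii")

def content_digest(wire: bytes, cte: str) -> str:
    """Digest of the decoded text; stands in for a signature made on the client."""
    return hashlib.sha256(from_wire(wire, cte)).hexdigest()

def compare() -> dict:
    qp, b64 = to_wire(TEXT, "quoted-printable"), to_wire(TEXT, "base64")
    return {
        "same_text": from_wire(qp, "quoted-printable") == from_wire(b64, "base64") == TEXT,
        "bh_qp": dkim_body_hash(qp),
        "bh_b64": dkim_body_hash(b64),
        "content_qp": content_digest(qp, "quoted-printable"),
        "content_b64": content_digest(b64, "base64"),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```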


------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
