In article <[email protected]> you write: >I'm currently trying to wrap my head around this S/MIME signature >thing, is there any best practices document besides the couple of RFCs >that says something about the alignment between the used cert and the >5321From or 5322From? Like for SPF that must align to 5321From and DKIM >that must align to 5322From...
S/MIME signatures are purely content signatures, not envelope signatures, so the address in the S/MIME has to match the one in the 5322 From: line. R's, John PS: It's DMARC that has to match the 5322 From. not DKIM which doesn't have to match anything other than the verification key in the DNS. _______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
