Håkon Alstadheim via Postfix-users wrote in <[email protected]>: |Den 06.05.2026 22:10, skrev Steffen Nurpmeso via Postfix-users: |> Håkon Alstadheim via Postfix-users wrote in |> <[email protected]>: |> |> yes, turn of generation of z=, z= as it is is a hopeless case. |> and do not use simple/simple but relaxed for headers, even the new |> dkim (as in: "theirs") does that. simple for the body they want, |> but other than that it is mostly certain OpenBSD, IETF and IANA, |> plus Viktor Dukhovni -- all the rest of the world uses relaxed |> also for the body, and that is all right. Use S/MIME or OpenPGP |> to protect your own otherwise. | |Thank you! Makes sense, but it's been ages since I set this up.
Regardless, you should. Your DKIM signatures are also not safe at all, you do not protect MIME header fields like especially Content-Type, and i myself even "seal" those. See for example this from 2017/8 https://noxxi.de/research/breaking-dkim-on-purpose-and-by-chance.html Unfortunately certain "inner circle" members of the IETF never cared to care, also to update widely used software accordingly. (Having said that, my own stuff isn't that great either, but for one i am alone, second i have no responsibility whatsoever. Otherwise i would cockroach around for sure.) --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
