Gerald Galster wrote in <4339792b-b58d-4c42-a836-1e71e0eb6...@gcore.biz>: |> This list uses Mailman configuration settings, not handcrafted code. |> If people believe that it is worthwhile to change the Mailman |> implementation or the DMARC spec, then I suggest that they work |> with the people responsible for that. | |There is no need for changing implementations, it's already there. | |https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/config/\ |docs/config.html | |############################ |remove_dkim_headers | |default: no | |Some list posts and mail to the -owner address may contain DomainKey \ |or DomainKeys Identified Mail (DKIM) signature headers <http://www.dkim.\ |org/>. Various list transformations to the message such as adding a \ |list header or footer or scrubbing attachments or even reply-to munging \ |can break these signatures. It is generally felt that these signatures \ |have value, even if broken and even if the outgoing message is resigned. \ |However, some sites may wish to remove these headers by setting this \ |to ‘yes’. |############################ | |I do not request any changes to this list, just wanted to mention other \ |options.
They add their own DKIM on top, aka "put an envelope" around "the message", therefore the mail can be verified (to be from them). Of course they could remove all other (possibly many) DKIM and other signatures, maybe leaving nothing but the last authentication-result. (Which would make many messages much, much smaller.) Yes. If some headers have changed elder signatures cannot be verified anyway, body extensions only in parts (if a byte range was verified, i had to look in the RFC how that is done.) Then again it is likely to be received as having "more smell" to remove the old ones, even if they cannot be verified again. This is the crux with email as it is, if they would have invented something MIME-alike at the very beginning, and messages would really be enveloped entirely, and enveloped entirely, etc., as in old times, where each wrap is verifieable by itself, and the inner envelope is always (!) a constant unchanged thing, things would be better. On the other hand some graphical software seems to not deal well with such message-in-message situations, and only displays smoe icons, .. or whatever .. what i heard .. i do not use them. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
