On 5/3/19 9:48 AM, Bill Cole wrote:
An entirely different mechanism (DKIM) exists to verify From headers.
DKIM is only positive confirmation that the (signed) headers (and body content) has not changed since the signature was applied.
DKIM does nothing to verify the authenticity of what was signed (at the time it was signed).
ARC (not DMARC) is a similar signature of what comes in to detect modification down stream.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
