On Friday, September 23, 2016 04:15:23 PM Thomas Goirand wrote: > On 09/10/2016 05:34 PM, Santiago Vila wrote: > > The "[Python-modules-team]" thing in the subject is probably enough to > > break the DKIM signature. > > I don't believe DKIM signature is done on the header+body. If I'm not > mistaking, it's done only in the body of the mail, because each SMTP > server on the way to your inbox can add a "Received:" field, so you can > trace the email. > > So yes, footers in emails can break stuff, but not mangling subject, > which is part of the metadata.
Not correct. In DKIM there is a header hash and a body hash that are calculated separately. If either changes, then signature verification will fail. You can control which header fields are included, but ~everyone includes subject. Scott K