Dňa 27. júla 2025 11:59:04 UTC používateľ Andreas Metzler via Exim-users <[email protected]> napísal:
>Or more generally speaking: I cannot think of a scenario when "+X-Foo" >or "=X-Foo" would be not a better choice than "X-Foo", the latter is >really strange (oversign absent header, but do not oversign preset >header). First, i will not name the behavior without prefix "strange", as IMO it is fully conformant to RFC, as it says, that DKIM (beside body) signs message headers. That is to sign existing headers, then (in the same section as informational note) it says, that some can choose to sign, that some message are not in message. I am lazy to check, how it was defined in obsoleted RFC, thus it can be not intended conformance ;-) Second, the "=" prefix signs header, only if it is in message, that is perfectly suitable for headers, which can be added later (the Resent-* and List-* headers are exactly this case, but doesn't sign header non-existence. The "+" prefix always over-sign existence of header and sign non-existence of header. As this topic shows, it is not suitable for mentioned Resent-* and List-* and as John pointed already, it is pointless for headers, which have to be exactly once in message (as that message is invalid anyway, even without that header). While over-sign existing headers is perfectly valid, it is not DKIM task to prevent adding headers, as its purpose is "to claim responsibility" on (some) part of message, and thus not suitable for as default. The DKIM RFC says, that selecting headers to sign, is not obvious, and that IMO applies to over-sing and non-existence sign too, especialy for default list... Thus which one (without prefix, with = or +) is better depends on what one wants/needs to achieve. regards -- Slavko https://www.slavino.sk/ -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## [email protected] ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
