On Mon 12/Jun/2023 21:24:54 +0200 Konstantin Ryabitsev via Gnupg-users wrote:
On Mon, Jun 12, 2023 at 06:45:37PM +0200, Alessandro Vesely via Gnupg-users
wrote:
What the list-software would need to do is to strip the original DKIM signature
Why? Original signatures can often be recovered. They shouldn't be removed
anyway.
If list-software is doing something to make the DKIM signature no longer
verify, it must remove the DKIM signature or rewrite the From: header to
change alignment.
An invalid signature is never a reason to reject a message. The spec states to
treat invalid signatures as if they weren't there. Forensic analysis and
advanced software can use the signature even if it was invalidated.
Best
Ale
--
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
