On Wed, Aug 9, 2023 at 2:54 AM Laura Atkins <la...@wordtothewise.com> wrote:
> If there are multiple BCCs that implies that whatever is creating the mail > must make individual copies of the message with only the BCC recipient in > that line before it’s signed with DKIM. So for a message with 3 BCCs, there > are 4 separate copies of the message to be created, one with no BCC header > and 3 for each of the BCC recipients. Then each message must be > individually signed. > > I’m not sure how that’s going to work in practice. > I have heard, but have not verified, that some MLMs do this one-recipient-per-copy thing already, despite RFC 5321 encouraging the opposite. If true, I don't know whether this was done to allow per-instance signing or because it allows for better tracking and association of bounces, or for some other reason. It occurs to me that unless the Date field changes for each instance, the DKIM signature would be the same for each instance anyway. However, if it is already the case that MLMs generally produce a copy per recipient, then any Bcc scheme would work, and much of the fragility with the "include the recipient in the signature" approach vanishes. -MSK, participating
_______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim