> Laura Atkins has some pretty cool ideas here: > https://wordtothewise.com/2014/05/dkim-injected-headers/ > I'd be interested to see if including those headers twice in the > signature works, so an altered or second instance of them would > fail DKIM.
They didn't alter any of the headers or add any extra headers. There's no need for the To header to match the SMTP RCPT TO envelope in any way. > And have you had success including the t= and/or an aggressive x= > (expire time) for free accounts? If you look at the Received headers I posted: Thu, 11 Aug 2016 09:25:57 -0400 ... Thu, 11 Aug 2016 06:16:00 -0700 (PDT) So it took about 10 minutes from Receiving the email at gmail until the were sending it from AWS. Having an expiry time that's < 10 minutes in the future from when a message is sent is pretty dangerous. All it takes is a small problem on the receiving side for an email to be delayed 10 minutes. Rob Mueller r...@fastmail.fm
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop