On 4/27/2019 11:19 PM, Bill Cole wrote:
Basically DKIM on my EXIM server is configured in the default way
which Debian’s config file sets it up once you provide it with the
necessary keys for signing. If it’s got something that they need to
fix to make it behave better, I’m all for getting that together.
I guess that means that Exim on Debian has matched one of the most
famous "features" long touted for Exchange...
You should be able to modify the header selection for signing in the
Exim config and you should do so with thoughtfulness, rather than simply
accepting a packager's defaults.
I just went through the config, now that I'm back in front of a laptop.
Debian's setup is very basic, no fluff, and relies on the defaults that
are set by the developers.
EXIM is generating that list based on RFC 4871 (Section 5.5 lists
recommended).
EXIM Doc - see dkim_sign_headers
https://www.exim.or
tg/exim-html-current/doc/html/spec_html/ch-dkim_and_spf.html
Its a default config that is in all EXIM setups unless explicitly
overriden otherwise.
Sure, it looks like it may be overzealous in its inclusion, but that's a
change in behavior that could be suggested to the EXIM developers to
make it a bit more tolerant of what you are suggesting.
For a long time, I refused to insert DKIM headers on the grounds it
created situations like this. But, you can thank certain large
providers who make some hurdles if you don't have DKIM signed messages.
DMARC elicits the same 'Fuck that' response from me. I implement
something with regards to it only because I need mail to go through.
--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org / http://www.ahbl.org
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
