Ah, I didn’t know l= existed, thanks for that! Do most hosts treat l=0 as DKIM-valid the same way as l=, or are they likely to ignore the DKIM signatures?
Matt > On Jul 15, 2020, at 07:20, Ángel via mailop <mailop@mailop.org> wrote: > > On 2020-07-11 at 15:27 -0400, Matt Corallo via mailop wrote: >> "Sorry, I think what you're looking for isnt useful, you're misinformed" >> isn't exactly a useful response when someone, >> especially a customer, asks for something, sadly. > > > Your customer should detail their threat model, so that they can be > given a solution suited to their needs. You don't implement the same > solution to "protect your files" if your threat is the cat walking over > the keyboard or spies from a foreign country. > > > I would suggest DKIM-signing the headers but not the email body (i.e. > use l=0), perhaps not even including the Subject. > > This, way your customer could send an email saying: >> We have agreed that it's dangerous to the Don and our Family to let >> Sollozzo live. Will you help us to kill him? > > and then argue that the email really said: >> We are very worried about a possible confrontation and only want the >> peace between all parties. > > > the origin and recipients of the email will appear on many email logs, > so it'd probably be pointless to hide them. You could go as far as to > only sign the Message-Id if you wanted, though. > > > Anyway, it's likely than 5 minutes after that, the other party replied > saying "We won't interfere with that" and quoting your full email. > DKIM-signed by Office 365. > > > Regards > > > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop