I haven't heard anything recently (or at all) that makes me want to reconsider and stop recommending people avoid l= tag. I'd personally still avoid it. I grant that l=1 was the biggest problem, but I think it's safe to say that nowadays best practice would be that the signature covers the whole message.
For those not sure what we're talking about, I blogged it back in May, 2024: https://xnnd.com/mgjn Cheers, Al Iverson On Tue, Jan 27, 2026 at 8:54 AM Andrew C Aitchison via mailop <[email protected]> wrote: > > > Bearing in mind RFC6376 section 8.2 > https://datatracker.ietf.org/doc/html/rfc6376#section-8.2 > I have my system set to warn me of messages which set a length > to the DKIM signed part of the message body with the l= tag. > > I have recently seen messages on this list (from more than > one person) that have DKIM headers with l= values, > and no they had not DKIM signed (and oversigned) the Content-Type: > header to protext against > https://www.zone.eu/blog/bimi-and-dmarc-cant-save-you/ > > Have things changed so that it is now safe to use DKIM l= > - eg as a perfomance optimisation (saves reading the body twice) ? > > Thanks, > > -- > Andrew C. Aitchison Kendal, UK > [email protected] > _______________________________________________ > mailop mailing list > [email protected] > https://list.mailop.org/listinfo/mailop -- Al Iverson // 312-725-0130 // Chicago http://www.spamresource.com // Deliverability http://www.aliverson.com // All about me https://xnnd.com/calendar // Book my calendar _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
