On Sat, Dec 23, 2023 at 18:09:10 -0500, Wietse Venema via Postfix-users wrote:
> Note that only the encapsulating message can contain a DKIM signature
> by the authenticated sender's domain. The smuggled message caannot
> contain a DKIM signature by the impersonated sender's domain unless
> the attacker compromised their signing key.
Or unless the DKIM signing is performed by a next-hop SMTP layer (or SMTP
proxy) within the sending organisation, and this one also interprets the
smuggled message as a separate one.
Geert
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
