I am signing with rspamd, will have to check the options there # If true, multiple from headers are allowed (but only first is used) allow_hdrfrom_multiple = false; # Domain to use for DKIM signing: can be "header" (MIME From), "envelope" (SMTP From) or "auth" (SMTP username) use_domain = "header";
sign_headers = '(o)from:(o)sender:(o)reply-to:(o)subject:(o)date:(o)message-id:\ (o)to:(o)cc:(o)mime-version:(o)content-type:(o)content-transfer-encoding:\ resent-to:resent-cc:resent-from:resent-sender:resent-message-id:\ (o)in-reply-to:(o)references:list-id:list-owner:list-unsubscribe:\ list-subscribe:list-post:(o)openpgp:(o)autocrypt'; ... o are oversigned headers I will have to check this against opendkim then, thanks On 19/04/2019 13:42, Benny Pedersen wrote: > TG Servers skrev den 2019-04-19 12:45: >> thanks for your reply. > > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=prvtmail.net; > s=def; t=1555670709; > h=from:from:sender:reply-to:subject:subject:date:date: > message-id:message-id:to:to:cc:mime-version:mime-version: > content-type:content-type: > content-transfer-encoding:content-transfer-encoding: > in-reply-to:in-reply-to:references:references:openpgp:autocrypt; > bh=RFjoFU2lJVzkjZeWBGwFSeilqzQF8lu0j7X2EyRnK4U=; > b=aLZdpa23z8loA2H4r1JNojxvVUuvddV5lYrQFfw4kQjbhLUXEu16ZKegbUiIQRLysy+eJ/ > > aaMKjIF7ySs2RnZxclXw5QioNE1e7tuz26owsY2fDP2di2qiYLlocXNyZv0YOWxqCxnQ+A > > S/b6tNvNa4yRAE5reMi79GgiosooHfTmZhNKh0y8FzN5WMSJ/eIBjcnHl3OkNy4tC5R2wKUy > > y7YgJoy+8eippeZlU6kurUo/neZ5np+DzLcNU8wlpIdhHOmrj57NMGC6woiYU+gxaBJvPW > > s7tMDQm3vaWFjcrgDR+Ff2HmfKwIkLTRiQhdA9wCtZ4ZYxFfnVTt3l5Cbubdkw== > > where is the other From ? > > and mime-version ? > > reducuce signed headers to what opendkim use, dont oversign all headers