On 2021-08-14 05:54, raf wrote:
Not in this case. It's the To: header that is being changed by the dovecot mailing list software. So if the To: header is included in the signature, then the signature will become invalid.
dovecot do openARC, but dkim can still be breaked after openARC, but if its done before ARC sealing, then it breaks dmarc, hope this is clear on dokumention
it should still not break dkim, if maillist do this it breaks more then dkim
there is no point in doing spf, dkim, arc, dmarc if all forwarders / maillists breaks it, then we all loose the good intention