On 28/Sep/10 12:59, Ian Eiloart wrote:
--On 27 September 2010 19:26:37 +0200 Alessandro
Vesely<vesely(_at_)tana(_dot_)it>
wrote:
Now the MLM does its editing job. It knows the original message was
signed, so it makes sense to verify if the signature is still good
after any changes have been applied. In case verification fails, it
shouldn't try to distribute an adsp-breaking message, so it can either
send back a bounce or drop it.
Oh, but I already know that my MLM is going to break any message with a
signed body. UK law practically mandates the addition of unsubscription
information in a message footer. We certainly require it locally.
Signatures may still survive if they use l=. Probably, the best
method for determining whether a signature has been broken is to
simply verify it again. BTW, running OpenDKIM testsuite, it seems
that verifying is an order of magnitude faster than signing. Thus, an
extra verification shouldn't hurt.
As a curiosity, I've noted that MLMs usually avoid duplicating the
subject-tag (possibly even if it was present twice in the original.)
However, they almost invariably duplicate the footer, if it's already
present.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html