OT: DKIM signatures on email messages from lists.gnupg.org

Alessandro Vesely vesely at tana.it
Tue Jun 13 09:49:44 CEST 2023

On Mon 12/Jun/2023 21:24:54 +0200 Konstantin Ryabitsev via Gnupg-users wrote:
> On Mon, Jun 12, 2023 at 06:45:37PM +0200, Alessandro Vesely via Gnupg-users wrote:
>>> What the list-software would need to do is to strip the original DKIM signature
>> Why?  Original signatures can often be recovered.  They shouldn't be removed 
>> anyway.
> If list-software is doing something to make the DKIM signature no longer 
> verify, it must remove the DKIM signature or rewrite the From: header to 
> change alignment.

An invalid signature is never a reason to reject a message.  The spec states to 
treat invalid signatures as if they weren't there.  Forensic analysis and 
advanced software can use the signature even if it was invalidated.


More information about the Gnupg-users mailing list