Zitat von Scott Kitterman <ietf-dkim_at_kitterman.com>:
> In fact, if it were me, I'd move to a new selector with a new key
> and never ever set "l" again.
Ok, Ok, people told me not to do so ...
I changed the key, selector, removed l=, sign subject again and
revoked the old key from dns by setting p=<empty>
Anyway I would discuss to change the default for AddAllSignatureResults.
In fact opendkim do verify multiple signatures. So I see no reason not
to report
about the work already done.
I often wonder about a failed dmarc validation while there are
spf=pass *and* dkim=pass obviously in the header. It takes me time
again and again
till I realize the real reason: multiple sigs and one of them fail.
see
http://lists.opendkim.org/archive/opendkim/users/2013/01/2515.html
Andreas
Received on Thu Jun 13 2013 - 20:26:35 PST