Re: Disclaimer added post signing
On 2014-02-11 00:03, Murray S. Kucherawy wrote:
> On Mon, 10 Feb 2014, Benny Pedersen wrote:
>> so in other words, spf will never being tested in dmarc if dkim pass ?
> That depends on the implementation.
+1
>> another one is if bodysigning is not performed, can a faker then fake
>> signed headers aswell ?
> I'm confused by the question. Can you rephrase?
lets say body is not signed, we allow it to be 100% faked, would an
attacker then be possible to make headers dkim pass ?
>> to the op, you should add disclaimers before signing, eg call
>> disclaimers milter before signing milter, problem solved
> Ideally, yes.
+1
Received on Tue Feb 11 2014 - 18:30:07 PST
This archive was generated by hypermail 2.3.0
: Tue Feb 11 2014 - 18:36:02 PST