About verify signature with return-path
Hi,
The service mailchimp may sending email from any "mailfrom", for example,
from:example_at_example.com to gmail, with these headers:
From: example_at_example.com
Return-Path: <....._at_mail177.us4.mcsv.net>
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=k1; d=
mail177.us4.mcsv.net;
h=Subject:From:Reply-To:To:Date:Message-ID:List-Unsubscribe:Sender:Content-Type:MIME-Version;
i=example=example_at_mail177.us4.mcsv.net;
bh=KwQ+Vxan7NSvbxpH/43sfyJQnt8=;
b=L07XgMn+pDciyFYqqiPPn3hbvHxCw2nIG7jZSAIJDBSEbz2ZHTLoyKJ+vtnzw4DU2xB0uUNB4gQ8
d+ODFM4U0zQG681MEhU+gd9S4xeYdrlAD5vKh/5xjCIpJGIjIKo2cLnoSNdSXShylXN97MO56JPv
WtNICLzXK/ArI97+ckc=
Domain "from" and domain in singature are different, but gmail dkim
verifier pass this signature.
Why?
I'm confused.
Thank you.
P.S. TXT records in the example.com are absent.
Received on Fri Aug 29 2014 - 09:34:47 PST
This archive was generated by hypermail 2.3.0
: Fri Aug 29 2014 - 09:45:01 PST