Re: "Intermediate" OpenDKIM default configuration options feedback
On Thu, Apr 30, 2015 at 5:06 PM, Scott Kitterman <ietf-dkim_at_kitterman.com>
wrote:
> Here's one I use in the Debian default config file that you don't have:
>
> # Always oversign From (sign using actual From and a null From to prevent
> # malicious signatures header fields (From and/or others) between the
> signer
> # and the verifier. From is oversigned by default in the Debian pacakge
> # because it is often the identity key used by reputation systems and thus
> # somewhat security sensitive.
> OversignHeaders From
>
> I do recommend this.
Thanks, Scott. Excellent suggestion. I've added it to the Fedora pkg and
made only two changes: Debian -> Fedora and pacakge -> package.
I make that typo ALL the time, too. :)
Thank you!
SteveJ
Received on Fri May 01 2015 - 03:36:29 PST
This archive was generated by hypermail 2.3.0
: Fri May 01 2015 - 03:45:02 PST