[mail-vet-discuss] Re: Auth-Results issues? #7 section 4.1
sm at resistor.net
Thu Apr 27 22:04:34 PDT 2006
At 20:06 27-04-2006, Tony Hansen wrote:
>I could see a mailing list server doing verification and putting in an
>A-R header, then signing the message before sending it out again, and
>including the A-R header within the signature's list of headers. If the
>foreign A-R header were removed, the mailing list server's signature
>would not verify.
It may be better not to suggest A-R header removal unless the header
contains the inbound verifier's hostname to avoid breaking the signature.
More information about the mail-vet-discuss