Doubts about DKIM verification (RFC6376)

email dkim rfc

Solution 1:

You have it yourself:

Survivability of signatures after transit is not guaranteed, and signatures can fail to verify through no fault of the Signer.

I read it this way: A sends to C. The message is relayed via B so the flow looks like A->B->C

Party B can take steps (such as stripping off or changing headers) that invalidates the signature. Penalizing party A attempting to the right thing for B's bad behavior makes no sense, and so should be treated no differently then a message without a signature at all.

Related

Linux self recovering DHCP after really long downtime?
After upgrade from Debian 10 Buster to Debian 11 Bullseye security updates 404 not found
what is the relation between block size and IO?
Enable IKE tracing on windows 10 VPN
How to set environment variables for the CI/CD in GitLab when using Auto DevOps (with GCP Kubernetes)?
How to dismiss nginx warning message nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)
Force all files & subdirs that BY ANY MEANS come to be in/under a directory to inherit all permissions and group
How to plan an Active Directory domain rename without it killing me?
How to protect 15-amp circuit from UPS with 20/30-amp draw
File-sharing over Infiniband on FreeBSD
Wireguard Unable to Complete Handshake on Android only 4G network
Virtual Box 'VERR_SSM_LOAD_CONFIG_MISMATCH' error when restoring a snapshot