During the IETF working group there was a pretty solid consensus the l= was not generally a good idea (not quite enough to get it removed from the spec). The problem with it is that it defeats one of the basic functions of DKIM, to give assurance that you are receiving what was sent.
The fact that modification of a message causes verification to fail is a feature and not a bug. Taking a negative action on an unsigned or broken signature message in the absence of an appropriate ADSP policy is mistaken. A DKIM signature gives you a reliable identifier to feed into your reputation system (e.g. policy banks in amavisd-new). Absence of a signature just means don't feed it to the reputation system. I think this request is miguided. Scott K -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
