On Mon, Jun 28, 2021 at 11:26:59AM -0300, Jason Gunthorpe wrote: > Isn't a 7-bit conversion what I pointed at last time we talked about > this? I changed several options in postfix last time this was raised, but as nobody ever provided a test case, I had no way of knowing if it worked or not. Personally, I think DKIM provides very little value considering that a good chunk of the spam that goes by has valid DKIM signatures, not to mention that it doesn't help with modern phishing attempts much either. > DKIM assumes a "modern" mail system, there should not be 7bit > conversions in the mail pipeline. Anyone sending DKIM needs to be 8 > bit clean. "Be strict in what you send, and be liberal in what you receive." DKIM makes assumptions about the mail transport layer that are not true. If the signatures had been applied on content *after* the quoted printable conversion, this would never have been an issue. DKIM is a poorly done spec that ignores decades of that philosophy at the IETF. And even if a DKIM signature passes, that's still not enough to trust the resulting email. All it does is ensure that a small subset of valid emails get dropped on the floor. This doesn't seem like an overall win. -ben -- "Thought is the essence of where you are now."