From 39d79ae5a66de607bde8738200f332e5301a7731 Mon Sep 17 00:00:00 2001 From: Scott Kitterman Date: Wed, 11 Sep 2019 15:25:50 -0400 Subject: [PATCH] Add information on message content conversion to README --- CHANGES | 1 + README | 9 +++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index 086d18d..a7d7d0f 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,6 @@ 1.2.0 UNRELEASED - Add support for SignHeaders feature, thanks to Ralph Seichter for the patch + - Add information on message content conversion to README - Add new expand option to setup.py so various file system locations can be specified at build/install time rather than being hard coded - Install openrc init file for Gentoo and other openrc users diff --git a/README b/README index 88b9726..b56b8b7 100644 --- a/README +++ b/README @@ -27,7 +27,7 @@ available in either the main or backports repositories: It is also available in the Debian package archive: -[sudo] apt install dkimpy-milter [Debian 10] +[sudo] apt install dkimpy-milter [Debian 10 or later] [sudo] apt install -t stretch-backports dkimpy-milter [Debian 9] When installing using the Debian package, all dependencies are automatically @@ -141,7 +141,12 @@ the following steps: [sudo] systemctl status dkimpy-milter (to verify it started correctly) As with all milters, dkimpy-milter needs to be integrated with your MTA of -choice (Sendmail or Postfix). +choice (Sendmail or Postfix). When integrating with your MTA, the risk of +signature invalidation due to content conversion of the message body needs to +be considered. See RFC 6376, Section 5.3 for discussion of this issue. As a +practical matter, when signing, configure the milter to follow all others that +might modify the message body. When verifying, configure the milter before +other processes that might modify the message body. SENDMAIL ========