Docs: clarify DKIM default signing. Bug 2179

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index d030ee238ee8c49c5943429c76bd415ba488c398..a9a048ecb3640fa30028675eece740f19011cebe 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -23806,7 +23806,7 @@ of the message. Its value must not be zero. See also &%final_timeout%&.
 .option dkim_private_key smtp string&!! unset
 .option dkim_canon smtp string&!! unset
 .option dkim_strict smtp string&!! unset
-.option dkim_sign_headers smtp string&!! per RFC
+.option dkim_sign_headers smtp string&!! "per RFC"
 .option dkim_hash smtp string&!! sha256
 .option dkim_identity smtp string&!! unset
 DKIM signing options.  For details see section &<<SECDKIMSIGN>>&.
@@ -38591,13 +38591,17 @@ either "1" or "true", Exim will defer. Otherwise Exim will send the message
 unsigned. You can use the &%$dkim_domain%& and &%$dkim_selector%& expansion
 variables here.
 
-.option dkim_sign_headers smtp string&!! see below
+.option dkim_sign_headers smtp string&!! "see below"
 If set, this option must expand to a colon-separated
-list of header names. Headers with these names will be included in the message
-signature.
-When unspecified, the header names recommended in RFC4871 will be used.
+list of header names.
+.new
+Headers with these names, or the absence or such a header, will be included
+in the message signature.
+When unspecified, the header names listed in RFC4871 will be used,
+whether or not each header is present in the message.
 The default list is available for the expansion in the macro
 "_DKIM_SIGN_HEADERS".
+.wen
 
 
 .section "Verifying DKIM signatures in incoming mail" "SECID514"