From: Jeremy Harris Date: Wed, 25 Oct 2017 14:54:31 +0000 (+0100) Subject: Docs: clarify DKIM default signing. Bug 2179 X-Git-Tag: exim-4_90_RC1~10 X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=commitdiff_plain;h=d29c160fa7939ba75adbc4b16e208fc56972384f Docs: clarify DKIM default signing. Bug 2179 --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index d030ee238..a9a048ecb 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -23806,7 +23806,7 @@ of the message. Its value must not be zero. See also &%final_timeout%&. .option dkim_private_key smtp string&!! unset .option dkim_canon smtp string&!! unset .option dkim_strict smtp string&!! unset -.option dkim_sign_headers smtp string&!! per RFC +.option dkim_sign_headers smtp string&!! "per RFC" .option dkim_hash smtp string&!! sha256 .option dkim_identity smtp string&!! unset DKIM signing options. For details see section &<>&. @@ -38591,13 +38591,17 @@ either "1" or "true", Exim will defer. Otherwise Exim will send the message unsigned. You can use the &%$dkim_domain%& and &%$dkim_selector%& expansion variables here. -.option dkim_sign_headers smtp string&!! see below +.option dkim_sign_headers smtp string&!! "see below" If set, this option must expand to a colon-separated -list of header names. Headers with these names will be included in the message -signature. -When unspecified, the header names recommended in RFC4871 will be used. +list of header names. +.new +Headers with these names, or the absence or such a header, will be included +in the message signature. +When unspecified, the header names listed in RFC4871 will be used, +whether or not each header is present in the message. The default list is available for the expansion in the macro "_DKIM_SIGN_HEADERS". +.wen .section "Verifying DKIM signatures in incoming mail" "SECID514"