Mailscanner disturbs my domainkey?

Leif Neland mailscanner-user at NELAND.DK
Wed Oct 5 13:00:02 IST 2005

    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

John Rudd wrote:
> On Oct 1, 2005, at 6:31 AM, Julian Field wrote:
>>> In any case, any good info, pointers, tips on getting domainkeys to
>>> work using sendmail+MailScanner would be appreciated. I've already
>>> set up SPF, but having domainkeys as well would be a plus.
>>  From what I have seen over the past 20 years or so is that the usual
>> practice is to put "Received" headers at the top, and all X- headers
>> and
>> other header modifications at the bottom. If they produce one
>> exception saying that all new headers must be before the domainkeys
>> header, then how many others are there likely to be in future? They
>> have somewhat changed the rules.
> There's no "somewhat" about it.  If you embrace DomainKeys, then you
> have to accept that the rules have changed.
> With DomainKeys, all new headers have to be added above the DomainKeys
> header (the easiest way is to add them to the beginning of all of the
> headers; this is what the new spamassassin does).  You also may not
> modify the subject, change the body content, because you may not
> modify anything after the DomainKeys header.
> So, when MailScanner wants to modify the body of a message, you would
> almost want-to/have-to get rid of the DomainKey header.  ...

The DomainKey header is:
DomainKey-Signature: a=rsa-sha1; s=arnold;; c=nofws; q=dns;

AFAICR that means that domainkey verification only looks at the headers 
mentioned above, and the rest, and the body may be freely modified.
But isn't there a risk for the content-transfer-encoding to change, eg from 
qp to 8-bit?


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki ( and
the archives (

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list