Conversation

Does the “Google is rewriting the links in your email” feature also mean that DKIM is hard(er) to verify given a set of messages, or is it easy to get the non-rewritten messages from an account?
5
12
Replying to
You already had to use the 'Show original' menu action to see the original email for anything like that. The email they show you in the UI has never shown all the headers and even for plain text emails has always deviated from the unmodified text.
1
4
Gmail should really surface whether emails are DKIM signed in the interface, by showing non-DKIM-signed emails as insecure as they do for emails sent without encryption. Most domains don't use a DMARC reject or even quarantine policy, but they do usually DKIM sign their emails.
1
3