> Wouldn't the Apple account reject it because it fails DKIM/etc?

Yeah, I would be curious to see the actual email headers of what was received.

As an aside, fun fact, this would not be possible with @apple.com because Apple employees have old-school S/MIME signatures as an additional security layer.

▲

valleyer 4 days ago | parent | next [-]

> this would not be possible with @apple.com because Apple employees have old-school S/MIME signatures as an additional security layer

A few do, but most do not, and certainly Apple's automated-system e-mails do not.

▲

Avamander 5 days ago | parent | prev [-]

How would recipients know to expect an S/MIME signature though. It's not like it's enforced by MTAs like DMARC is.

▲

traceroute66 5 days ago | parent [-]

IIRC, if you're using Apple's Mail client it gets validated against the root cert shipped with MacOS/iOS. You get a little black tick next to the sender.

In theory, third-party places like gmail could (should ?) automagically verify S/MIME sigs where a root cert is readily available.

	▲	Avamander 4 days ago \| parent [-]
		Support for verification is indeed widespread, but if it's missing there's nothing to verify. There's no system in place to warn the user when there is no signature and that there should be one.