if follows https://www.rfc-editor.org/rfc/rfc8823.html if I read that correctly
I made it to able to use old config then not signing email certs, but it does print into logs so maybe
after implementing this I think we will move to mail parsing part into mailing agent not from va currently in this impl because mail parsing is big task, and some buffer overflow in that is much worse result to happen in va than mail receiver (mostly harmless here as this case receiver just post hash of keyauth to VA without challenge result or right keyauth