[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: switching from exim to postfix

On Wed, 2 May 2012, Scott Kitterman <debian@kitterman.com> wrote:
> > It would be possible for a DKIM verification program to re-encode 7bit
> > messages to 8bit for a second attempt at verification.  But if a DKIM
> > milter author was going to do tricky things then a better first option
> > would be to try removing anything between [] in the subject line which
> > is the most common cause of DKIM failures that I see on valid mail.
> That and mailing list footers.  

Footers can be solved with the l= flag.  The threat of a hostile party 
appending data to a message probably isn't something you really worry about 
when posting to a mailing list.

It would be possible for a DKIM signing program to use l= for every message 
which has a recipient address containing the string "list".

> Receivers are, of course, free to manage inbound mail filtering however
> they  want, but if you take a message and try to recode it from 7 bit to 8
> bit and see if a DKIM signature passes verification, it's still not a
> valid DKIM signature in any sense that RFC 4871 or its successors would
> recognize.

If a milter replaced the message body such that it matched then it would be.

My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Reply to: