On Wed, 2 May 2012, Scott Kitterman <deb...@kitterman.com> wrote:
> > It would be possible for a DKIM verification program to re-encode 7bit
> > messages to 8bit for a second attempt at verification. But if a DKIM
> > milter author was going to do tricky things then a better first option
> > would be to try removing anything between [] in the subject line which
> > is the most common cause of DKIM failures that I see on valid mail.
>
> That and mailing list footers.

Footers can be solved with the l= flag. The threat of a hostile party appending data to a message probably isn't something you really worry about when posting to a mailing list. It would be possible for a DKIM signing program to use l= for every message which has a recipient address containing the string "list".

> Receivers are, of course, free to manage inbound mail filtering however
> they want, but if you take a message and try to recode it from 7 bit to 8
> bit and see if a DKIM signature passes verification, it's still not a
> valid DKIM signature in any sense that RFC 4871 or its successors would
> recognize.

If a milter replaced the message body such that it matched then it would be.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Archive: http://lists.debian.org/201205022131.30133.russ...@coker.com.au
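
An added example (not part of the original message, and not code from any DKIM milter) of the l= behaviour discussed above: the body hash survives a footer appended by a list when l= is set, and a receiver can count the octets the signature does not cover. It implements only `simple` body canonicalization and the bh=/l= body check, not header signing; the sample body, footer and function names are constructed for illustration.

```python
from __future__ import annotations

import base64
import hashlib


def canon_simple(body: bytes) -> bytes:
    """'simple' body canonicalization: drop trailing empty lines, end with CRLF."""
    while body.endswith(b"\r\n\r\n"):
        body = body[:-2]
    return body if body.endswith(b"\r\n") else body + b"\r\n"


def body_hash(canon: bytes) -> str:
    """Base64 SHA-256 of an already canonicalized (and truncated) body."""
    return base64.b64encode(hashlib.sha256(canon).digest()).decode()


def signer_tags(body: bytes, use_length: bool) -> dict:
    """Body-related tags a signer would emit: bh=, plus l= when requested."""
    canon = canon_simple(body)
    tags = {"bh": body_hash(canon)}
    if use_length:
        tags["l"] = len(canon)  # octets of the canonical body covered by bh=
    return tags


def check_body(received: bytes, tags: dict) -> tuple[bool, int]:
    """Return (bh matches, number of trailing octets that bh= does not cover)."""
    canon = canon_simple(received)
    covered = tags.get("l", len(canon))
    if covered > len(canon):
        return False, 0  # l= claims more body than arrived: treat as a failure
    return body_hash(canon[:covered]) == tags["bh"], len(canon) - covered


# Constructed sample body and list footer (not taken from the thread).
BODY = b"Hi all,\r\n\r\nThe 7bit/8bit re-encoding breaks the hash.\r\n"
FOOTER = b"-- \r\nTo UNSUBSCRIBE, email to list-request@lists.example.org\r\n"

if __name__ == "__main__":
    for use_length in (False, True):
        tags = signer_tags(BODY, use_length)
        print("l= used:", use_length,
              "| as sent:", check_body(BODY, tags),
              "| with footer:", check_body(BODY + FOOTER, tags))
```

The second value returned by `check_body` is the amount of content that passes verification without being signed, which a receiver can use to flag or strip the unsigned tail.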