At 23:32 08-01-2008, Daniel Black wrote: >Other solutions could be providing patches to software like mailman that will >reject DKIM email without bodylength tags that it intends to mangle.
That would reject mail from Gmail. >Maybe modifying the documentation to highlight the risks of subject and body >prepend/appending. See http://www.ietf.org/rfc/rfc4686.txt "When body length limits are used, there is the potential for an attacker to add content to the message. It has been shown that this content, although at the end, can cover desirable content, especially in the case of HTML messages." Regards, -sm ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
