On Thu, 6 Nov 2008, Dan Mahoney, System Admin wrote: > The question is, then -- is it still necessary? I don't know what your > interaction with the full-on sendmail product is, but can it come out > since it's only complicating things moving forward? Or would there be > fear that it would only break things further if that were done?
I have a very good relationship with that team. :) The question, though, is whether or not that change is ultimately worth making. > This doesnt' feel like this should need to be fixed in the dkim-milter > when it's the fault of the MTA. Ideally I agree, but the likelihood that a fix to the MTA would solve this problem on a net-wide basis doesn't seem all that great; if an MTA between your signer and the verifier is running any MTA which reworks headers (apparently sendmail's not the only one), then even if yours is patched not to make such changes, the downstream one will still break your signature. There's no guarantee that if the MTA you run gets fixed to skip the rewrites, all the other ones will also get and enable such a fix, so it's arguable that the fix isn't worth it. Seems like either patching the filter to anticipate such rewrites, or just have everyone use "relaxed" (perhaps even default to it) for the header fields is appropriate. However, even this doesn't handle rewrites that alter the actual content, such as domain name masquerading. The ultimate solution would be to have the filter able to plug into the MTA at a point after all of the rewriting is done. We call this "output filtering", but we don't currently have it. ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
