On Thursday November 6 2008 23:11:34 Murray S. Kucherawy wrote: > Seems like either patching the filter to anticipate such rewrites, or just > have everyone use "relaxed" (perhaps even default to it) for the header > fields is appropriate. However, even this doesn't handle rewrites that > alter the actual content, such as domain name masquerading.
...nor does "relaxed" help when sendmail inserts a FWS where there was none originally, like after a comma separating addresses in a To: header field (or after a colon, as was already mentioned here). Seems like the To field is subject to more threats than most other header fields - and since it is pretty much an informative-only header field (addresses are propagated out-of-band in the envelope from MSA to the final delivery, the To: has no effect on mail delivery nor on DSN), I don't think it is a great loss to just leave it out of the signature. > The ultimate solution would be to have the filter able to plug into the > MTA at a point after all of the rewriting is done. We call this "output > filtering", but we don't currently have it. That would help. The other great achievement would be to let a milter see the Received header field that is being generated by the MTA. The absence of it makes some milters jump hoops to internally synthesize this header field to supply the needed information for its operation (e.g. for calling SpamAssassin from a milter). Also, not knowing the exact final appearance of this header field, along with a creative counting of header field index when inserting a new field by a milter, makes it a mess when a signing milter is combined with some other classical milter. For bedtime reading: http://archives.neohapsis.com/archives/postfix/2006-10/1698.html http://archives.neohapsis.com/archives/postfix/2006-11/0467.html http://archives.neohapsis.com/archives/postfix/2006-11/0505.html http://archives.neohapsis.com/archives/postfix/2006-11/0509.html http://archives.neohapsis.com/archives/postfix/2006-11/0516.html http://archives.neohapsis.com/archives/postfix/2006-11/0519.html http://archives.neohapsis.com/archives/postfix/2006-11/0565.html http://archives.neohapsis.com/archives/postfix/2006-11/0568.html http://archives.neohapsis.com/archives/postfix/2006-12/1299.html Mark ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
