On Mon 10/Jul/2023 17:50:54 +0200 John Levine wrote:
FYI, the IETF's mail relay for role accounts like WG chairs breaks DKIM signatures. It's a bug, but it took quite a while to realize what the problem was, since some signatures get through OK. It's an old python library helpfully tidying up the message headers. Fixing the bug is nontrivial due to the cruftiness of the surrounding code. See tools-discuss for way more details. In theory relays shouldn't break DKIM, in practice ...
Let me note, tangentially, that that may also look like a DKIM over-signing issue. My tool[*] didn't verify the original signatures of the message I'm replying to because Content-Type: was changed to «text/plain; charset="utf-8"», where it likely was «text/plain; charset="us-ascii"». We can consider the bug to be in the helpfully tidying up, in the over-signing practice, or somewhere in between.
Best Ale -- [*] https://mailarchive.ietf.org/arch/msg/dmarc/wFTm0dfCdWso5c7uJz4Or8XBoZU/ _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
