Ok so at one point, this got “fixed” to over signing…. but is that really right?
Per the RFC:
The following header fields SHOULD be included in the signature, if they are
present in the message being signed:
• From (REQUIRED in all signatures)
• Sender, Reply-To
• Subject
• Date, Message-ID
• To, Cc
• MIME-Version
• Content-Type, Content-Transfer-Encoding, Content-ID,
Content-Description
• Resent-Date, Resent-From, Resent-Sender, Resent-To, Resent-Cc,
Resent-Message-ID
• In-Reply-To, References
• List-Id, List-Help, List-Unsubscribe, List-Subscribe, List-Post,
List-Owner, List-Archive
The following header fields SHOULD NOT be included in the signature:
• Return-Path
• Received
• Comments, Keywords
• Bcc, Resent-Bcc
• DKIM-Signature
Most importantly " if they are present in the message being signed”… but now it
adds them to signing regardless? That certainly breaks some things (quite a
bit), most notably when you post a message into a mailing list and “List-Id” is
added. That completely invalidates the original DKIM signature.
Is there a knob to turn this back to the original functionality and “not
oversign” ?
--
Robert
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP Key: 78BEDCE1 @ pgp.mit.edu
> On Mar 9, 2016, at 1:38 PM, [email protected] wrote:
>
> https://bugs.exim.org/show_bug.cgi?id=1309
>
> Jeremy Harris <[email protected]> changed:
>
> What |Removed |Added
> ----------------------------------------------------------------------------
> Resolution|--- |FIXED
> Status|ASSIGNED |RESOLVED
>
> --- Comment #7 from Jeremy Harris <[email protected]> ---
> Nobody commented
>
> --
> You are receiving this mail because:
> You are on the CC list for the bug.
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
> details at http://www.exim.org/ ##
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
details at http://www.exim.org/ ##
