--On 15 June 2010 14:55:55 -0400 W B Hacker <[email protected]> wrote:
> Ian Eiloart wrote: >> >> --On 14 June 2010 11:59:30 -0700 Phil Pennock <[email protected]> >> wrote: >> >>> I think that if you run a mailing-list manager which modifies content at >>> all, whether it's a message footer or Subject: manipulation, then you >>> should be looking to strip DKIM-Signature: from mails as part of >>> processing the mails. There's no need to embed any replacement >>> signatures or know anything more than "this is a checksum header, we're >>> breaking the checksum, strip the header out". It would probably be more >>> polite to rename it to Old-DKIM-Signature: rather than remove it. And >>> processing DomainKey-Signature: in the same way would be good. >> >> I think the recommended behaviour is to leave alone the original >> signature, and add your own. Given that mailing lists can break >> signatures, it's unwise to reject an email on the basis that it carries >> a broken signature. >> > > Well there yah go ... the pragmatic world bites again. And rightly so. > > But one of the reasons I've not been enamored of DKIM and predecessors > from the outset. > > While 'on point' - my suggestion that MLM admins > strip-now-probably-broken and replace with known-good sigs would > (AFAICS) at least reduce the need to give a pass to broken DKIM, AND > centralize the source AS the MLM, not sideswipe the validity of the > creds of every possible poster TO a given list ... means 'somewhat' > fewer broken DKIM in the wild. > I think this somewhat misses the point of DKIM. Like SPF, it's used for authentication, not for authorisation. Successful authentication with DKIM simply means that the message is unalterered (in certain respects) since it was signed by the signing domain. There are many ways that messages might carry broken signatures, including forwarding by DKIM unaware MLMs, and by MUAs. The DKIM specification says that a broken signature is to be treated like the absence of a signature. However, a broken signature might help an administrator to trace a problem with an email, so there is some value in retaining it when forwarding. The presence of a good signature simply means that you can (a) apply some kind of reputation assignment to the message on the basis of: (i) the reputation of the signing domain, and (ii) reputations that might be applied to the signed content in the context of the signing domain. and, (b) use the content of the message to modify your reputation database. An example of (ii) above might be that you could use the "From:" header address for reputation, provided that it's signed. You might only want to do that if the address domain matches (or, perhaps is a subdomain of) the signing domain. -- Ian Eiloart IT Services, University of Sussex 01273-873148 x3148 For new support requests, see http://www.sussex.ac.uk/its/help/ -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
