On Tue, Jan 16, 2024 at 8:58 AM Dave Crocker <d...@dcrocker.net> wrote:
> Ahh. OK. Oversigning, to prevent sending a version of the message onward
> -- but with one or another field added -- is generally viewed as a Good
> Thing. I have tried to locate one, but I believe there are some best
> practices documents that give advice about doing it.
>
> However it is not what is meant by DKIM Replay.
>
> DKIM Replay re-sends an /unmodified/ copy of the message, where only the
> SMTP RCPT-To is different. DKIM doesn't (and can't) cover that SMTP
> command.

I'd call it DKIM replay if the signature is intact. For a little while, attackers used duplicate Subject and/or Date headers (Subject to replace an innocuous subject line used on our platform to avoid getting caught by filters with their spam payload subject line, and Date presumably to avoid negative reputation effects from old Date headers in replays). Without oversigning those headers, DKIM would pass, since the original headers were still present and unmodified, in addition to the new headers added by the attacker. As noted by others, these duplicate headers violate RFCs, and I saw several mailbox providers add tighter checking of mail against RFCs as a defense against this type of DKIM replay.
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
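The mechanism the reply describes, as an added example that is not part of the thread: RFC 6376 selects signed header instances bottom-up, so a header prepended above the signed ones is simply not covered by the signature unless the signer listed the name one extra time in h= (oversigning), in which case the extra slot is signed as the empty string and any later addition changes the signed content. The code below models only that header-selection step, not canonicalization or the cryptographic check; the messages, domain, selector and hash/signature placeholders are constructed for illustration.

```python
from collections import Counter

# RFC 5322 section 3.6 allows these header fields at most once per message.
SINGLETON_HEADERS = frozenset({
    "date", "from", "sender", "reply-to", "to", "cc", "bcc",
    "message-id", "in-reply-to", "references", "subject",
})


def parse_headers(raw_header_block):
    """Return header fields as an ordered list of (lowercased name, value),
    top to bottom. Folded continuation lines are joined onto the previous field."""
    fields = []
    for line in raw_header_block.splitlines():
        if not line.strip():
            continue
        if line[0] in " \t" and fields:
            name, value = fields[-1]
            fields[-1] = (name, value + " " + line.strip())
            continue
        name, _, value = line.partition(":")
        fields.append((name.strip().lower(), value.strip()))
    return fields


def parse_h_tag(dkim_signature_value):
    """Extract the header names listed in the h= tag of a DKIM-Signature value.
    Order and repetition are preserved because both matter for verification."""
    for tag in dkim_signature_value.split(";"):
        key, _, val = tag.strip().partition("=")
        if key.strip() == "h":
            return [n.strip().lower() for n in val.split(":") if n.strip()]
    return []


def select_signed_headers(fields, h_list):
    """RFC 6376 section 5.4.2 selection: for each name in h=, in order, take the
    lowest not-yet-used instance of that header. A name listed more times than
    it occurs selects a nonexistent header (None), hashed as the empty string.
    That empty slot is what oversigning relies on."""
    remaining = {}
    for idx, (name, _) in enumerate(fields):
        remaining.setdefault(name, []).append(idx)
    selected = []
    for name in h_list:
        stack = remaining.get(name, [])
        selected.append((name, fields[stack.pop()][1] if stack else None))
    return selected


def unsigned_fields(fields, h_list):
    """Header instances not covered by the signature: name absent from h=, or an
    extra (upper) instance beyond the count h= gives that name. These can be
    added or altered in transit without breaking DKIM."""
    counts, seen, unsigned = Counter(h_list), Counter(), []
    for name, value in reversed(fields):  # bottom-up, mirroring selection
        if name == "dkim-signature":      # covered implicitly by the signature
            continue
        seen[name] += 1
        if seen[name] > counts[name]:
            unsigned.append((name, value))
    unsigned.reverse()
    return unsigned


def duplicate_singletons(fields):
    """RFC 5322 singleton fields that occur more than once; the check several
    mailbox providers tightened as a defense against this replay variant."""
    counts = Counter(name for name, _ in fields)
    return {n: c for n, c in counts.items() if n in SINGLETON_HEADERS and c > 1}


def signature_survives(original_raw, replayed_raw, h_list):
    """True if the signed header content is identical before and after replay,
    i.e. the DKIM signature would still verify on the replayed copy."""
    return (select_signed_headers(parse_headers(original_raw), h_list)
            == select_signed_headers(parse_headers(replayed_raw), h_list))


# Constructed sample: a legitimately signed message, signed without oversigning.
ORIGINAL = """\
DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;
 h=from:to:subject:date; bh=BODYHASH_PLACEHOLDER; b=SIG_PLACEHOLDER
From: sender@example.com
To: recipient@example.net
Subject: Your account statement
Date: Tue, 16 Jan 2024 08:58:00 -0800
"""

# The same bytes re-sent with a second Subject and Date prepended (constructed).
REPLAYED = """\
Subject: Constructed spam subject
Date: Tue, 16 Jan 2024 12:00:00 -0800
""" + ORIGINAL

if __name__ == "__main__":
    h_plain = parse_h_tag(parse_headers(ORIGINAL)[0][1])
    h_over = h_plain + ["subject", "date"]   # oversign: list each singleton once more
    for label, h in (("without oversigning", h_plain), ("with oversigning", h_over)):
        print(f"{label}: signature survives replay = "
              f"{signature_survives(ORIGINAL, REPLAYED, h)}; "
              f"unsigned in replay = {unsigned_fields(parse_headers(REPLAYED), h)}")
    print("duplicate singleton headers:", duplicate_singletons(parse_headers(REPLAYED)))
```

Run stand-alone, the plain h= list reports the attacker's Subject and Date as unsigned while the signature still verifies; the oversigned list leaves nothing unsigned and the signed content differs, so verification fails. The duplicate-singleton check is the independent RFC 5322 defense the reply mentions, useful as a filter input even for mail that carries no DKIM signature at all.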