John Levine wrote in <[email protected]>: |It appears that Murray S. Kucherawy <[email protected]> said: |>-=-=-=-=-=- |> |>On Wed, Jan 31, 2024 at 5:44 PM Steffen Nurpmeso <[email protected]> \ |>wrote: |> |>> But i cannot read this from RFC 6376. |> |>Sections 2.8 and 3.4.4 don't answer this? | |Not really. They say what to do with CRLF but not with a lone CR or \ |lone LF. | |RFC5322 says: | | o CR and LF MUST only occur together as CRLF; they MUST NOT appear | independently in the body. | |So I think the answer is that a thing with a lone CR or LF is not a |valid message so signers shouldn't sign them and validators shouldn't |validate them. If you want to allow them, OK, but no promises that |anyone at the other end will treat the brokenness the same way you |dod.
Thanks for the answer. That MUST NOT i had completely forgotten. But hanging in some milter i decided to simply treat them as ordinary bytes. I mean, i could enforce message "rejection", even more so later when this thing also verifies, but i would think the MTA administrator would not like this very much -- she or he shall configure the MTA, and i work what i get. This is also why the 8/28/5322 IMF parser simply digs CFWS, plus LF, plus CR etc, almost everywhere. In practice the user wants to see outcome. Some years ago people embedded garbage in emails with base64 encoding, and my parser simply complained on invalid input and refused to show the content. That was no good. The mutt MUA, for example, simply digged it (mostly). So i am now super liberal and simply ignore any non-base64 garbage. But maybe i will add a configuration option when the DKIM thing has matured, especially later with the verifier. |We can get into some theological arguments about BINARYMIME which |allows arbitrary bytes in a MIME part but I expect that DKIM |canonicalization code will choke on other stuff in binary MIME before |it gets to a \x0a or \x0d. It is amazing and frustrating and what not that i send a message with UNIX line endings that ends in a UNIX line endings MBOX, but for the milter postfix creates a complete CRLF terminated message. I (i do not use libmilter) would feel safer if i would simply get NUL terminated strings, or packets with length/data tuples. But so is the protocol. Well. Thank you. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Ietf-dkim mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-dkim
