A change of Content-Transfer-Encoding (CTE) will always be accompanied
with a change in the body content associated with that MIME section. The
change in the body content will break the signature just as much as the
change to the header. So removing CTE from the list of headers that are
signed will be ineffective.
Tony Hansen
[email protected]
Florian Sager wrote:
> Hi,
>
> no matter which process will be chosen next the following small
> correction should be considered:
>
> According to the mails below the RFC compliant change of content
> encoding in MTA-forwarding may break signatures that follow the RFC 4871
> recommendation to include header "Content-Transfer-Encoding" in the
> signature. This header should be removed from section 5.5. Recommended
> Signature Content (The following header fields SHOULD be included in the
> signature ...).
>
> Regards,
> Florian
>
>
>
> Wietse Venema schrieb:
>> Florian Sager:
>>
>>> Hi Wietse,
>>>
>>> I'd like to get your evaluation of the following aspect before
>>> discussing this on the DKIM mailing list, maybe:
>>>
>>> In the context of testing DKM monitoring services in
>>> http://www.dkim-reputation.org we experienced that postfix changed
>>>
>>> an incoming Content-Transfer-Encoding: 7bit
>>> to
>>> an outgoing Content-Transfer-Encoding: quoted-printable
>>>
>> See RFC 1652 section 3.
>>
>> When sending 8BITMIME into a software that does not support 8BITMIME,
>> the sending mail system must convert to 7bit or return the mail.
>>
>> You can turn this off in YOUR Postfix, but that really does not
>> prevent other RFC-compliant mail systems from converting to 7bit.
>>
>> See also: http://www.postfix.org/FILTER_README.html section "
>> Advanced content filter: sending unfiltered mail to the content
>> filter" for how to avoid conversions with stupid content filters.
>>
>> Wietse
>>
>>
>>> The DKIM signature in the mail was broken afterwards, 'cause the Content-T
>>> -ransfer-Encoding header was included like it's proposed in
>>> http://www.ietf.o
>>> -rg/rfc/rfc4871.txt, 5.5. Recommended Signature Content (The following
>>> heade
>>> -r fields SHOULD be included in the signature ...).
>>>
>>> I guess that changes in the encoding are allowed in forwarding mail so the
>>> - DKIM header inclusion recommendation might be erroneous?
>>>
>>> Regards,
>>> Florian
>>>
>>>
>>> ===
>>>
>>> Agitos Websolutions
>>> Florian Sager, Bernhard Heindl und Christian Heindl GbR
>>> Stifterstrasse 16, 83026 Rosenheim
>>>
>>> Telefon: 089/45867554
>>> Telefax: 089/45867555
>>> Support: [email protected]
>>> http://www.agitos.de
>>>
>>>
>>>
>>>
>>
>
> _______________________________________________
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
