Is this really worth worrying about? I mean, the amount of actual ham is in the vast minority so even if all of your ham was doing tons of anti social things it probably wouldn't make much if any difference in your average border mail gateway's job.
Mike On 10/31/2009 10:55 AM, Steve Atkins wrote: > > On Oct 31, 2009, at 10:45 AM, hector wrote: > >> Working on a DKIM stats log analyzer, I found some facebookmail.com >> notification messages with two duplicate DKIM signatures. >> >> DKIM-Signature: v=1; a=rsa-sha1; d=facebookmail.com; s=q1-2009b; >> c=relaxed/relaxed; >> q=dns/txt; [email protected]; t=1256981485; >> h=From:Subject:Date:To:MIME-Version:Content-Type; >> bh=uFmzuYhiBd82ctm8i9mPRevatL4=; >> b=m4nhlG7A0JxZnEWa6DQza0oMghkv6CI+vNM41hY7tipGHfvj6EXCpXaFFGuV/xgj >> Zut8syylO1s4qASiqCWBaQ==; >> DKIM-Signature: v=1; a=rsa-sha1; d=facebookmail.com; s=q1-2009b; >> c=relaxed/relaxed; >> q=dns/txt; [email protected]; t=1256981485; >> h=From:Subject:Date:To:MIME-Version:Content-Type; >> bh=uFmzuYhiBd82ctm8i9mPRevatL4=; >> b=m4nhlG7A0JxZnEWa6DQza0oMghkv6CI+vNM41hY7tipGHfvj6EXCpXaFFGuV/xgj >> Zut8syylO1s4qASiqCWBaQ==; >> >> I don't see a difference. >> >> I'm sure this is probably minor, but with "tons" of fb notifications >> coming into users machines, short circuiting redundant hash >> verification probably has some merit. >> >> How should it be handled? Should logic be added to see if the bh= or >> b= base64 hash was already processed? > > I'd expect that shortcircuiting the bh= calculation would save a lot > of work in the more typical case that the two signatures are by > different signers, so is worth doing. > > Cheers, > Steve > > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
