On 2023-09-19 at 17:52:33 UTC-0400 (Tue, 19 Sep 2023 14:52:33 -0700)
Bill Sommerfeld via mailop <[email protected]>
is rumored to have said:
A similar form of damage I just noticed today was an
outsourced-to-Microsoft mail service breaking a forwarded message's
DKIM signature when it rewrote:
From: <[email protected]>
Reply-To: <[email protected]>
to
From: <[email protected]>
Reply-To: <[email protected]>
(in case it's too hard to spot, changing two spaces to one between the
":" and the "<")
Putting anything other than a single space between the header name and
content is a form of malicious compliance...
This change breaks the original sender's c=simple/simple DKIM
signature.
Yes, I'm sure it does.
Using simple/simple canonicalization is not for people who want robust
DKIM signatures.
--
Bill Cole
[email protected] or [email protected]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
