[
https://issues.apache.org/jira/browse/JAMES-3742?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17518034#comment-17518034
]
Paul Chown commented on JAMES-3742:
-----------------------------------
Hi Benoit,
any ideas about how that might be done? There's a lot going on in MimeMessage
and simply not calling saveChanges() doesn't seem to be a likely option, but as
soon as you do that then the header is broken. MimeMessage is also used a lot,
so I guess there must be some rationale behind this behaviour that I don't
understand. I just find it hard to believe that we are the only ones with this
problem...
Cheers, Paul
> MIME-Version header is changed, breaking DKIM signatures
> --------------------------------------------------------
>
> Key: JAMES-3742
> URL: https://issues.apache.org/jira/browse/JAMES-3742
> Project: James Server
> Issue Type: Bug
> Components: James Core
> Affects Versions: 2.3.2
> Reporter: Paul Chown
> Priority: Major
>
> We are using James to forward mails from external email servers to customer
> accounts.
> Some email clients create emails with the following headers:
> {noformat}
> Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.60.0.1.1\))
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
> d=xxxx.gappssmtp.com; s=20210112;
>
> h=from:content-transfer-encoding:mime-version:subject:message-id:date:to;
> bh=...;
> b=...{noformat}
> So the message is signed by the originator including the {{Mime-Version}}
> header. The problem is that if we set an additional header with
> {{SetMimeHeaderHandler}} or invoke the SpamAssassin service then the method
> {{MimeMessage.updateHeaders()}} is invoked which sets a new mime version
> header:
> {noformat}
> MIME-Version: 1.0{noformat}
> thereby breaking the DKIM signature from the original sender. We can add our
> own signature using the new header, but this isn't aligned with the sender
> domain so it doesn't help. It's probably debatable whether the original Mac
> mail client mime version header is valid, but it is what it is.
> This seems to be completely broken, but the behaviour is baked into the
> {{MimeMessage}} class and we can't see any way around it. How can we preserve
> the original mime-version header and the DKIM signature?
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
