On 02/22/2018 08:52 AM, Benny Pedersen wrote:
Giovanni Bechis skrev den 2018-02-22 15:39:

sub check_dkim_valid {
  my ($self, $pms, $full_ref, @acceptable_domains) = @_;
  $self->_check_dkim_signature($pms)  if !$pms->{dkim_checked_signature};
  my $result = 0;
  if (!$pms->{dkim_valid}) {
    # don't bother
  } elsif (!@acceptable_domains) {
    $result = 1;  # no additional constraints, any signing domain will do,
                  # also any signing key size will do
  } else {
    $result = $self->_check_dkim_signed_by($pms,1,0,\@acceptable_domains);
  return $result;

there we go :(

dkim signed should be any key bits allowed, but dkim valid should not allow under minimal key bits

$self->_check_dkim_signed_by already checks for miminal key bits

elsif part is correct ?

i read code as any key bits can make valid dkim

That is also my finding based on:


which hit DKIM_VALID with a 768-bit key.

David Jones

Reply via email to