Chris, > No, I'm referring to the plugin patch, which according to bugzilla was > going to be applied to 3.1.1 (so I assume I don't need to worry about > this, since I'm using 3.1.4): > http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4623
That patch is in the current code as far as I can tell (looking at 3.1.7), but must have been applied for some time now. The ticket is closed. > I have Mail::DomainKeys 0.80, which I think should work. It is a waste of time working with versions of Mail::DomainKeys so old, there will be numerous false-positive signature failures. Here is a brief list of issues fixed in the last couple of versions, leading up to 0.86: - folding of 'h' subfield of the DomainKey-Signature header field not understood, leading to incorrect list of headers to be applied to verification; - subtag 'd' does not match subdomains; - inappropriately unfolding of header fields when using a "simple" canonicalization algorithm; - incompatibility of line endings with SA plugin, completely breaking "simple" canonicalization algorithm; - inappropriately requires one whitespace character to be present after a colon in a header field; - revoke the use of Email::Address (introduced in 0.82 or thereabout) in favour of previous Mail::Address in order to avoid endless loops on evaluating regexp on bad mail; And without my patch, signed messages coming through SA users (or similar) lists will not verify, because MLM adds a Sender field. Mark
