Re: [exim] Experimental domainkeys and headers...

Tom Kistner wrote:
> Ian FREISLICH wrote:
>
> > The X-virus-scanned header can be added above the Domainkey-signature
> > because it's added by an ACL. But the other headers added at
> > delivery time are added by the transport and they break the DK
> > signature. Also, if someone has delivered a mail that has any of
> > my removed headers:
>
> Are you sure about that? I made the signing process so that it signs the
> messages just as it goes down the delivery fd (that may be a TLS fd).
> That should even be after a transport filter.

As a matter of course I, but maybe now need to review this policy,
strip out X-Spam* SpamAssassin headers that have been leaked to the
internet by misconfigured hosts and just in case I leak them as
well.

I can't specify in a router or transport where headers should be
added and I certainly can't add my SA headers at ACL time because
they may then leak out onto the internet. If I do add them and
strip them at SMTP transport time I might strip out headers that
came in and are a part of the signature.

My server will always be able to verify the signature at incoming
SMTP time, but for instance in a local delivery, any old SA headers
will be removed and new ones may be inserted. The client will then be
unable to verify the signature when they pop or imap their mail.

> As for the problem of removing existing headers that are part of an
> already present signature: Don't do that. At least for the time being.
> There may be a flag that "protects" such headers in the future. :)

How do you now they're part of the signature? There's no context
in exim's header manipulation.

Ian

--
Ian Freislich