Szerző: Tony Meyer Dátum: Címzett: exim users Tárgy: [exim] DKIM signature where the identity field has a leading slash
attempts to touch the filesystem
Hi,
If a message contains a DKIM signature header where the identity field
begins with a slash, like
"/free_electronic_cigarette@???", then entries like
the following appear in the paniclog:
"""
2011-04-25 13:41:50 1QEL6r-0007jM-VV failed to open
/free_electronic_cigarette@??? when checking
"dogg.testcredit.net:/free_electronic_cigarette@???":
No such file or directory
"""
Example headers (the identity field was added to an otherwise valid
signature produced by Exim, but the identify is one I'm seeing
regularly in practice):
"""
Date: Tue, 3 May 2011 12:54:28 +0400
From: tony.meyer@???
To: tony@???
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=spamexperts.com; s=testing;
i=/free_electronic_cigarette@???;
h=Message-ID:Subject; bh=Hy61WwSEndqwKzArKPLZcQPACoRjmbmRdNbnqGWeg+Y=;
b=OycCCWIsDLe5EuMvUAoYJowSxrHJRcYi6sKZpjD56X5LkZ1K/VTDDbPjBh70lk1ck1sndvfye2XnxGiaMx2gYx7owy5lsTUX8sqtX3yLYXbaSiM98Qjm+AQJ4X8I99Wq5tjHxcn9zGKBJnRIthPMy7Ep/fud07NJ1fid2OiOzz8=;
Subject: test
"""