Re: [exim] DKIM signature where the identity field has a lea…

Top Page

Reply to this message
Author: Phil Pennock
Date:  
To: Tony Meyer
CC: exim users
Subject: Re: [exim] DKIM signature where the identity field has a leading slash attempts to touch the filesystem
On 2011-05-03 at 21:25 +1200, Tony Meyer wrote:
> If a message contains a DKIM signature header where the identity field
> begins with a slash, like
> "/free_electronic_cigarette@???", then entries like
> the following appear in the paniclog:
>
> """
> 2011-04-25 13:41:50 1QEL6r-0007jM-VV failed to open
> /free_electronic_cigarette@??? when checking
> "dogg.testcredit.net:/free_electronic_cigarette@???":
> No such file or directory
> """
>
> Example headers (the identity field was added to an otherwise valid
> signature produced by Exim, but the identify is one I'm seeing
> regularly in practice):


> Is this a problem?


With your configuration, I suspect yes.

The ACL assigned to acl_smtp_dkim will have been called with
dkim_cur_signer set to the identify field. What your ACL does with that
is the question.

How about posting the ACL configuration, so we can see what you're
trying to do there? I suspect that you have an addresslist or
domainlist which you're constructing using $dkim_cur_signer as an item
and not accounting for "10.3 File names in lists".

Post the ACL and we can try to help.
Regards,
-Phil