Re: [exim] Percentage signs in identity field in DKIM signat…

Top Page

Reply to this message
Author: Tony Meyer
Date:  
To: exim users
Subject: Re: [exim] Percentage signs in identity field in DKIM signature header are treated as format placeholders
> When I receive (Exim 4.75) messages that have a DKIM signature that
> has a percentage sign in the identity field I get paniclog entries
> like this:
>
> """
> 2011-04-29 04:20:53 1QFdK8-0000hi-Ts string_format: unsupported type
> in "%i" in "DKIM: d=iecc.com s=4330.4db9faa9.k1104 c=simple/simple
> a=rsa-sha256 i=spamfighter%iecc.com@??? [verification
> succeeded]"
> """


My DKIM ACL is this:

"""
acl_check_dkim:
  warn
    !dkim_status   = invalid
    add_header     = :at_start:X-DKIM: $dkim_verify_status


  accept
    dkim_status    = none
    sender_domains = KNOWN_DKIM_SIGNERS
    dkim_signers   = KNOWN_DKIM_SIGNERS
    condition      = ${if eqi{$sender_address_domain}{$dkim_cur_signer}}
    log_message    = Possible DKIM Forgery: Unsigned message from
$sender_address_domain
    add_header     = :at_start:X-DKIM: Exim $version_number on
$primary_hostname (no dkim signature for required
domain:$dkim_cur_signer)


  accept
    dkim_status    = none
    !sender_domains = KNOWN_DKIM_SIGNERS
    !dkim_signers  = KNOWN_DKIM_SIGNERS
    add_header     = :at_start:X-DKIM: Exim $version_number on
$primary_hostname (no dkim signature for $dkim_cur_signer)


  accept
    dkim_status    = pass : invalid
    add_header     = :at_start:Authentication-Results:
$primary_hostname; dkim=$dkim_verify_status;
signing_identity="$dkim_cur_signer"; reason="$dkim_verify_reason"


  accept
    dkim_status    = fail
    condition      = ${if eq{$dkim_key_testing}{1}{no}{yes}}
    log_message    = DKIM Failure: $dkim_verify_reason
    add_header     = :at_start:X-DKIM-Failure: $dkim_verify_reason


accept
"""

After figuring out the / issue, I'm wondering if the problem here is
with using $dkim_cur_signer in add_header. However, this DATA ACL
doesn't cause any problems:

"""
  warn
    add_header = X-Testing: This is a message with a %i in it.
"""


Any more insights into this? I can open a bug as Bill suggested, but
my guess is that it's my error, not Exim's :)

Thanks,
Tony