Ok so at one point, this got “fixed” to over signing…. but is that really right?
Per the RFC:
The following header fields SHOULD be included in the signature, if they are present in the message being signed:
• From (REQUIRED in all signatures)
• Sender, Reply-To
• Subject
• Date, Message-ID
• To, Cc
• MIME-Version
• Content-Type, Content-Transfer-Encoding, Content-ID, Content-Description
• Resent-Date, Resent-From, Resent-Sender, Resent-To, Resent-Cc, Resent-Message-ID
• In-Reply-To, References
• List-Id, List-Help, List-Unsubscribe, List-Subscribe, List-Post, List-Owner, List-Archive
The following header fields SHOULD NOT be included in the signature:
• Return-Path
• Received
• Comments, Keywords
• Bcc, Resent-Bcc
• DKIM-Signature
Most importantly " if they are present in the message being signed”… but now it adds them to signing regardless? That certainly breaks some things (quite a bit), most notably when you post a message into a mailing list and “List-Id” is added. That completely invalidates the original DKIM signature.
Is there a knob to turn this back to the original functionality and “not oversign” ?
--
Robert
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP Key: 78BEDCE1 @ pgp.mit.edu
> On Mar 9, 2016, at 1:38 PM, admin@??? wrote:
>
> https://bugs.exim.org/show_bug.cgi?id=1309
>
> Jeremy Harris <jgh146exb@???> changed:
>
> What |Removed |Added
> ----------------------------------------------------------------------------
> Resolution|--- |FIXED
> Status|ASSIGNED |RESOLVED
>
> --- Comment #7 from Jeremy Harris <jgh146exb@???> ---
> Nobody commented
>
> --
> You are receiving this mail because:
> You are on the CC list for the bug.
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
