[exim-dev] [Bug 2017] New: DKIM failing on a dot terminator …

https://bugs.exim.org/show_bug.cgi?id=2017

            Bug ID: 2017
           Summary: DKIM failing on a dot terminator in test mode
           Product: Exim
           Version: 4.88
          Hardware: x86
                OS: FreeBSD
            Status: NEW
          Severity: bug
          Priority: medium
         Component: DKIM
          Assignee: tom@???
          Reporter: truxa@???
                CC: exim-dev@???

When simulating an email reception with "exim -bh <IP>", we are requested to
terminate the data with a CRLF-dot-CRLF sequence. The terminating dot-CLRF is
then included into the canonicalized body string, and in consequence the DKIM
signature fails with "bodyhash mismatch" even on perfectly good signatures.

An example section of a debug output for a message with a good DKIM signature
(pass in transmit) follows:

...
</blockquote></div></div></div><br></div>{LF}
</blockquote></div><br></div>{LF}
{LF}
--94eb2c1244feb957850545f8cf2e--{LF}
.{LF}

PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
PDKIM [gmail.com] Body bytes hashed: 9559
PDKIM [gmail.com] bh computed:
4372ba2a514f9d853896d4769e9a93a0eac28bd9eefe186b89a97691b60ca0a2
PDKIM [gmail.com] bh signature:
d0301500c1bfbcd41371be55cfdd5dd070d9696f287cefed88005932884be71b
PDKIM [gmail.com] Body hash did NOT verify

--
You are receiving this mail because:
You are on the CC list for the bug.