Re: [exim] dkim signature is including empty headers, seems…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Richard Clayton
Data:  
Para: Ian Kelling
CC: exim-users
Asunto: Re: [exim] dkim signature is including empty headers, seems like it shouldn't be
In message <87k1zk5hib.fsf@x2>, Ian Kelling <iank@???> writes

>My signature looks to have all RFC4871 headers, but my message
>definitely does not have them:
>
>h=Date:Message-Id:Subject:To:From:Sender:Reply-To:Cc:
>       MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:
>       Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-
>To:Resent-Cc
>       :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-
>Unsubscribe:
>       List-Subscribe:List-Post:List-Owner:List-Archive

>
>I'm testing with exim 4.89-6 from debian.
>
>Should this be happening?


yes

> How can I make exim only sign headers that are
>in the message I send? Thanks in advance.


why would you want to do that ? If someone was to add these headers and
you had signed the message saying that they were empty then their fraud
would be detected ... if you do not sign then they can add these headers
without detection -- which may, depending on the circumstances and the
header be very bad :(

note that some people sign

        Subject:Subject


and similar so that if a second Subject is added (which is of course not
standards compliant, but some mail systems will display a second subject
in preference to the first one [and vice versa]) and so they wish to
guard against this

-- 
richard                                                   Richard Clayton


Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755