Re: [exim] DKIM pubkey_dns_syntax

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Wolfgang Breyha
日付:  
To: exim-users
題目: Re: [exim] DKIM pubkey_dns_syntax
Heiko Schlittermann via Exim-users wrote on 04/12/17 13:40:
> From RFC 6376
>
> [....]
> However, if we're liberal in what we accept, we should be able to
> filter-out non-DKIM records. That's what my simple patch does.


From the same RFC:
6.1.2. Get the Public Key
[...]

... The Verifier MUST validate the key record and MUST
ignore any public-key records that are malformed.

      NOTE: The use of a wildcard TXT RR that covers a queried DKIM
      domain name will produce a response to a DKIM query that is
      unlikely to be a valid DKIM key record.  This problem is not
      specific to DKIM and applies to many other types of queries.
      Client software that processes DNS responses needs to take this
      problem into account.


I think your patch does exactly that;-)

Greetings,
Wolfgang
--
Wolfgang Breyha <wbreyha@???> | http://www.blafasel.at/
Vienna University Computer Center | Austria