[exim-dev] [Bug 2394] DKIM docs reference obsolete RFC

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 2394] DKIM docs reference obsolete RFC
https://bugs.exim.org/show_bug.cgi?id=2394

Graeme Fowler <graeme@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |graeme@???


--- Comment #2 from Graeme Fowler <graeme@???> ---
Notwithstanding the discussions around signing non-existent headers, the docs
do indeed refer to an obsolete RFC - inconsistently, as the paragraphs above
and below refer to the updated version.

I'll change that in due course.

Now - the other issue is that Exim has a default set of headers to sign in
pdkim.h <URL:https://git.exim.org/exim.git/blob/HEAD:/src/src/pdkim/pdkim.h>

  29 #define PDKIM_DEFAULT_SIGN_HEADERS "From:Sender:Reply-To:Subject:Date:"\
  30                             
"Message-ID:To:Cc:MIME-Version:Content-Type:"\
  31                              "Content-Transfer-Encoding:Content-ID:"\
  32                             
"Content-Description:Resent-Date:Resent-From:"\
  33                              "Resent-Sender:Resent-To:Resent-Cc:"\
  34                              "Resent-Message-ID:In-Reply-To:References:"\
  35                              "List-Id:List-Help:List-Unsubscribe:"\
  36                             
"List-Subscribe:List-Post:List-Owner:List-Archive"


Sending to mailing lists with a DKIM signature including empty or otherwise
non-existent headers seems... fragile, especially given the propensity of lists
to add those headers themselves.

What confuses me though is that IIRC back in the days of either 4.86 or 4.87,
the non-existent headers *were not included* in the signature. I'm trying to
determine where that behaviour changed.

--
You are receiving this mail because:
You are on the CC list for the bug.