Re: [exim] Signed header list in DKIM headers

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MEvgeniy Berdnikov at <-
M 
Delete this message
Reply to this message
Author: exim-users
Date:  
To: exim-users
Subject: Re: [exim] Signed header list in DKIM headers
Hi Evgeniy,

On 26.01.20 18:13, Evgeniy Berdnikov via Exim-users wrote:
>> The original message did only contain:
>> Subject, To, References, From, Message-ID, Date, MIME-Version, In-Reply-To, Content-Type, Content-Transfer-Encoding
>>
>> Those headers where not altered, however List-XXX-Headers where added and thus broke the initial signature (as these headers where included as).

> DKIM-compliant mailing list manager should add those headers to the top,
> before DKIM signature.

That is right, however often not the case.

>> By checking more examples, I do not think that there is an generic approach to do this.
>
> Generic approach to verify original DKIM signature, drop if signature is
> invalid, then strip out all DKIM headers. Then message may be modified
> arbitrarily by mailing list manager. Finally, message can be signed again
> (using DKIM key of this list) and forwarded to subscribers.

I was looking for a way to do this already at sending time before the mailing list software is involved.

Thanks for the RFC hints.

Best regards,
Thomas

--
Thomas Freitag

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Signed header list in DKIM headers[exim] Avoid blank lines of the spamassassin spam report->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)