[exim] DKIM signing and header choices?

Pàgina inicial
Delete this message
Reply to this message
Autor: Simon Josefsson
Data:  
A: exim-users
Assumpte: [exim] DKIM signing and header choices?
Hi! I think I have ran into this problem:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939808

My outgoing e-mails (like this one) is DKIM signed by Exim, and the
signature covers (on sending, the non-existing) List-Id header, which a
mailing list software inserts, breaking the DKIM signature for
recipients. I'm getting some DMARC reports about failures due to
invalid signatures, and these usually comes when I post something to a
mailing list. Is my analysis correct?

What do you think about the patch posted in the link above? See below.

/Simon

--- a/src/pdkim/pdkim.h
+++ b/src/pdkim/pdkim.h
@@ -26,14 +26,14 @@
#include "../blob.h"
#include "../hash.h"

-#define PDKIM_DEFAULT_SIGN_HEADERS "From:Sender:Reply-To:Subject:Date:"\
-                             "Message-ID:To:Cc:MIME-Version:Content-Type:"\
-                             "Content-Transfer-Encoding:Content-ID:"\
-                             "Content-Description:Resent-Date:Resent-From:"\
-                             "Resent-Sender:Resent-To:Resent-Cc:"\
-                             "Resent-Message-ID:In-Reply-To:References:"\
-                             "List-Id:List-Help:List-Unsubscribe:"\
-                             "List-Subscribe:List-Post:List-Owner:List-Archive"
+#define PDKIM_DEFAULT_SIGN_HEADERS \
+  "From:From:=Sender:Reply-To:Subject:Subject:Date:To:Cc:"\
+  "Message-ID:In-Reply-To:References:MIME-Version:"\
+  "Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:"\
+  "=Resent-Date:=Resent-From:=Resent-Sender:=Resent-To:=Resent-Cc:"\
+  "=Resent-Message-ID:"\
+  "=List-Id:=List-Help:=List-Unsubscribe:=List-Subscribe:=List-Post:"\
+  "=List-Owner:=List-Archive"