On 05/09/2014 07:27 PM, Richard Damon wrote:
But the wrapped message could pass the DMARC DKIM signature check, if it will exactly matchs the message that came from Yahoo/AOL. (which the phish won't). This says that the List Headers, modified subject, list headers and footers should be added to the wrapping message, not the wrapped message, which also says that the MUA shouldn't throw this away, but combine these with the original message (but in a way that makes it clear which is which).
Just for the record, this is how the Wrap Message action is implemented in Mailman. I.e. all the stuff Richard mentions is done to the outer message, not to the message/rfc822 part that is the original message. The one exception that will break DKIM is content filtering which by necessity is applied to the original message before it's wrapped. This is a big one, because I suspect almost all messages from Yahoo users are multipart/alternative to begin with (and has anyone else noticed what a horrible job Yahoo does in making the text/plain alternative, but I digress ...), and many lists collapse alternatives so the DKIM sig will be broken.
That notwithstanding, as Stephen and others have mentioned, the MUAs to deal with this are not here and are unlikely to be here anytime soon.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan