[Mailman-Developers] dkim-signature headers

Mark Sapiro msapiro at value.net
Thu Feb 1 21:00:29 CET 2007 

Michael Thomas wrote:
>
>I'm not sure whether Murray's dkim milter allows you to sign with the l=
>option or not, but setting the body length allows text to be appended to the
>end of a message -- like a mailing list trailer. This combined with some 
>heuristics
>with subject line modification gets you to nearly 100% success rates. 


Consider that while Mailman doesn't do all of these things to every
message, it can do any of the following:

 - Add text to the beginning of the message body (msg_header)
 - Add text to the end of the message body (msg_footer)
 - Remove text from the beginning of the message body (Approved: line)
 - Add additional MIME parts to a multipart message (msg_header,
msg_footer)
 - Convert a single part message to multipart in order to add
msg_header/msg_footer
 - Remove parts from a multipart message (content filtering)
 - Convert an HTML part to plain text (content filtering)
 - Decode a base64 or quoted-printable encoded part and perhaps
re-encode it with a different encoding.
 - Change or delete various headers including Subject:, To:, From:
 - Replace some MIME parts with URLs of where they were stored and
flatten the entire message into a single plain text message (scrubber).
 - Probably other things I'm overlooking.


>The only
>other problem that I've had with mailman is that it sometimes reorders the
>dkim-signature header field itself which causes the signature to break. I've
>been trying to figure out where in the code it does that so that we could
>either fix it or compensate for it when I'm creating the signature itself.


Other than the code which removes these headers, Mailman doesn't touch
them. If they get modified in Mailman processing, it would have to be
in the Python email library in the process of parsing the raw message
into an email message object and then ultimately converting the
message object back into raw text to be sent, but I don't think the
email library does anything to headers that aren't explicitly
processed in some way.


-- 
Mark Sapiro <msapiro at value.net>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Developers mailing list