[Mailman-Developers] dkim-signature headers

Mark Sapiro msapiro at value.net
Thu Feb 8 02:08:37 CET 2007 

Michael Thomas wrote:
>
>Frankly I think you'll be screwed even if you remove them too; removing
>them will not allow you to fly below the radar. Consider if Y! and Gmail
>had a bilateral agreement that they expect each other's mail to be signed
>and to put it in the bit bucket if it wasn't. It makes no difference whether
>you removed it or not: it lacks a valid signature in both cases. In that 
>case,
>the only thing you could do is not destroy and/or remove the signature.


Consider the headers and structure as follows (From: munged) of a
message I just received from a Y! user.


DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
  s=s1024; d=yahoo.com;
 
h=X-YMail-OSG:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID;
 
b=Cz7v0Jd51rc72THmOlqA/rac152bUZdiFm2T2IAFflFuxVHHKJmabS0rzD2tU5zVSofVoc0rVg0g7t0NaDGRMt7JxXK8reox7TzMephYOxI0zcr5iWGejG57Fn/gcQtqng8uG0vAJLw1mfXHMaCcz726cj4iYQOYzbCb6UxXH4g=;
X-YMail-OSG:
9QE.IHIVM1k8MHil45oNbkt10TvkD0DVytKmI1Ki4W.WDhIT4Qq6HnLM6dCWNcikXlMu.1lftQrfhq1fgEKml97AoKamDnsG4bZNT_FRLyHVTcU_cuUp7W04PgOjiNd9HJK6MSNeJsfDUfVqrnegItcDfJ1Kjs5tGYyMqDp084T22mRvpc3swag-
Received: from [69.232.227.173] by web82813.mail.mud.yahoo.com via
HTTP; Wed, 07 Feb 2007 15:00:43 PST
Date: Wed, 7 Feb 2007 15:00:43 -0800 (PST)
From: xxxxx
Subject: Re: feb. 25th
To: Mark Sapiro <msapiro at value.net>
In-Reply-To: <PC1760200702061639520756a77058a8 at msapiro>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="0-1589639226-1170889243=:32077"
Content-Transfer-Encoding: 8bit
Message-ID: <276441.32077.qm at web82813.mail.mud.yahoo.com>


--0-1589639226-1170889243=:32077
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

<snipped>


--0-1589639226-1170889243=:32077
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

<snipped>
--0-1589639226-1170889243=:32077--


(My MUA will mung the DomainKey-Signature: by wrapping, but it looked
OK as I received it)

I submit that there is nothing that Mailman could do to this message in
the way of filtering content or adding msg_footer that wouldn't break
the signature.

I also submit that this message structure is typical of the vast
majority of mail that originates from Y!

Thus, it seems that the choice is break the signature or make no
changes whatsoever to the message other than adding more headers.

Mike talks about the l= parameter allowing adding trailing content, but
I don't see Y! and Gmail using it, and even if they did, how would we
(could we) add a footer without breaking either the signature or the
MIME structure of the message.

-- 
Mark Sapiro <msapiro at value.net>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Developers mailing list