RE: opendkim body hash did not verify problem

From: Murray S. Kucherawy <msk_at_cloudmark.com>
Date: Sun, 25 Apr 2010 15:07:22 -0700

> -----Original Message-----
> From: opendkim-users-bounce_at_lists.opendkim.org [mailto:opendkim-users-
> bounce_at_lists.opendkim.org] On Behalf Of Dino Ciuffetti
> Sent: Sunday, April 25, 2010 11:07 AM
> To: opendkim-users_at_lists.opendkim.org
> Subject: Re: opendkim body hash did not verify problem
>
> I'll post to the courier-users list if Sam Varshavchik (the courier
> main
> developer) can have a short term fix for this rewrite problem. When I
> asked how to disable header mangling in courier the answer sounded like
> a
> big no-no :-)
>
> Courier is designed to demand all filter stuff to external global
> filters,
> where for example DKIM is implemented (by people like me that do not
> want
> to know too much how courier internal stuff come into play).
> Global mailfilters are feeded with a mail just after the mail is picked
> and rewritten in part by courier mta core.
> From here the problem.

The DKIM perspective is this: Any MTA or MLM that alters a signed message should re-sign it after altering it before sending it on its way again. It might also be the case that such an MTA or MLM should remove other signatures as well (since it renders them invalid) but that's a matter of opinion right now until there's more data collected.

> I'm having fun with openDKIM!

Glad you're enjoying it!

-MSK
Received on Sun Apr 25 2010 - 22:07:32 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:19:47 PST