Re: other domains forging dkim sig

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: A. Schulze <sca_at_andreasschulze.de>
Date: Thu, 06 Nov 2014 20:44:09 +0100

shmick:

> from time to time i see google passing multiple other external domains
> for dkim
>
> 1.2.3.4 is the domain purported to have dkim signed from one of my
> domains example.net
>
> how is that possible other than a private key compromise or a mistake by
> google ?

could also be a message signed by example.net, send to 10.20.30.40
where it's forwarded to 1.2.3.4 where it's forwarded to Google.
Both forwarder don't modify the content so the dkim signature is still valid.

If example.net is unsure about compromised keys they could immediately
use new key.

Andreas
Received on Thu Nov 06 2014 - 19:44:30 PST

This archive was generated by hypermail 2.3.0 : Thu Nov 06 2014 - 19:54:00 PST