Re: Strict canonicalization considered harmful

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Fri, 5 Dec 2014 15:43:51 -0800 (PST)

On Fri, 5 Dec 2014, Alessandro Vesely wrote:
> Hi,
> a user reported problems with a long (us-ascii) From:, so I tried
> myself. My first attempt went ok, but then I noted he used
> simple/simple rather than relaxed/relaxed. So I temporarily changed my
> settings. This time I failed too.
>
> I sent an empty message to each of the remailers in opendkim-README:
>
> sa-test_at_sendmail.net
> check-auth_at_verifier.port25.com
> autorespond+dkim_at_dk.elandsys.com
> test_at_dkimtest.jason.long.name
> dktest_at_exhalus.net
> dkim-test_at_altn.com
> dktest_at_blackops.org
>
> In addition, I tried Gmail, Yahoo!, and the following three:
> http://www.brandonchecketts.com/emailtest.php
> http://www.appmaildev.com/en/dkim/
> http://9vx.org/~dho/dkim_validate.php
>
> Results: test_at_dkimtest.jason.long.name bounced, the last two succeeded, the
> rest failed. To be more precise, applemaildev failed on an empty message like
> the one below; however, it succeeded when the body contained some text. The
> other checkers manage to munge the From: line before verification, so they
> cannot succeed.

sa-test_at_sendmail.net is probably running a pretty old version of OpenDKIM
by now (though I haven't checked). The blackops.org always runs the
latest code. No idea about the rest.

However, I just sent an empty message (using alpine as the MUA) through
blackops.org to sendmail.net and it came back fine.

I'm not sure if your results mean DKIM validators are buggy, or a lot of
infrastructure monkeys with empty messages, or both, or something else.

It would be interesting to know what results you get for simple/relaxed
and relaxed/simple as that would give us some hints about whether it's a
header problem or a body problem. I would put my money on the latter
(though not very much of it).

-MSK
Received on Fri Dec 05 2014 - 23:44:09 PST

This archive was generated by hypermail 2.3.0 : Fri Dec 05 2014 - 23:54:02 PST