dkim-dev
[Top] [All Lists]

[dkim-dev] DKIM Reflectors produce wrong results

2008-04-14 07:00:27
Background:
I have developed MTA-integrated DKIM code (implemented from scratch and 
not based on libdkim) which has to sign/verify several thousands mails 
per day. About 10% of all DKIM signed mails fails to verify. Almost all 
of that failing mails have a MIME part with "Content-Transfer-Encoding: 
quoted-printable".

At first, I assumed a bug in my body canonicalization algorithm and 
started to check several of that failing mails against DKIM reflectors. 
During this test I have used, among others, this mail:

---- BEGIN ORIGINAL MAIL-----
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; t=1208175282; l=612; 
s=domk; d=spammy.de;
  h=Content-Type:Date:Sender:From:to:Subject:MIME-Version:Reply-To:
  X-RZG-AUTH:X-RZG-CLASS-ID;
  bh=0xkwtWDyAkwZ+XGb6Ty4hFi1MwxQUipNk+mxIvRIijQ=;
  b=eH9mANfgU6qNKnoLJm6yNyKicmhOXwdzlN9gagiNZjgAE2/X4sEbO51zTvkfD2yAdQ9
  +64SWxfTpT7tHyhdRUw12BFPDsaYcuZvbt36N/ZyMEJXaJTmqOA0K2xAZ8E4jo3ZgKp1J
  Z5gyGCoSjml0ODf+r4OGSb7QDZlW/TpvQkc=
X-RZG-CLASS-ID: mo07
X-RZG-AUTH: gMy4iLuoo0mwStkpFrn1D3wpdvX8/TGeLTM6LWkZs4LPT9L9WRsmyy74
Received: from chance.store ([192.168.40.26]) by post.webmailer.de 
(fruni mo-test) (RZmta 16.21)
  with ESMTP id L02c2ek3EBE9Ma
  for ; Mon, 14 Apr 2008 14:14:42 +0200 (MEST)
  (envelope-from: )
Reply-To: lehmann(_at_)strato-rz(_dot_)de
MIME-Version: 1.0
Subject: DKIM Test
to:
Message-ID: <004E30A6(_at_)spammy(_dot_)de>
From: brakel(_at_)spammy(_dot_)de
Sender: brakel(_at_)spammy(_dot_)de
Date: Fri, 11 Apr 2008 16:14:06 +0200
Content-Type: multipart/related; boundary="=_related 004DF4F0C1257428_="

Dies is a multi-part message in MIME-format.
--=_related 004DF4F0C1257428_=
Content-Type: multipart/alternative; boundary="=_alternative 
004DF4F3C1257428_="


--=_alternative 004DF4F3C1257428_=
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable


      =B7          =B7         =B7          =B7=20
Sandra Ree=
s=20


--=_alternative 004DF4F3C1257428_=
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable

<br><font size=3D2 face=3D"sans-serif">Hallo Herr Meyer,

</font>
--=_alternative 004DF4F3C1257428_=--
--=_related 004DF4F0C1257428_=--
----- END ORIGINAL MAIL-----

Notes:
All white spaces are spaces (0x20), not TABs (0x09).
The lines "---- BEGIN ORIGINAL MAIL-----" and "----- END ORIGINAL 
MAIL-----" are not part of the mail.


This mail body will be reflected by the reflectors as follows:

content-type:multipart/related;'20'boundary="=_related'20'004DF4F0C1257428_="'0d''0a'
 
date:Fri,'20'11'20'Apr'20'2008'20'16:14:06'20'+0200'0d''0a'
sender:brakel(_at_)spammy(_dot_)de'0d''0a'
from:brakel(_at_)spammy(_dot_)de'0d''0a'
to:'0d''0a'
subject:DKIM'20'Test'0d''0a'
mime-version:1.0'0d''0a'
reply-to:lehmann(_at_)strato-rz(_dot_)de'0d''0a' 
x-rzg-auth:gMy4iLuoo0mwStkpFrn1D3wpdvX8/TGeLTM6LWkZs4LPT9L9WRsmyy74'0d''0a'
x-rzg-class-id:mo07'0d''0a' 
dkim-signature:v=1;'20'a=rsa-sha256;'20'c=relaxed;'20't=1208175282;'20'l=612;'20's=domk;'20'd=spammy.de;'20'h=Content-Type:Date:Sender:From:to:Subject:MIME-Version:Reply-To:'20'X-RZG-AUTH:X-RZG-CLASS-ID;'20'bh=0xkwtWDyAkwZ+XGb6Ty4hFi1MwxQUipNk+mxIvRIijQ=;'20'b=

Dies'20'is'20'a'20'multi-part'20'message'20'in'20'MIME-format.'0d''0a'
--=_related'20'004DF4F0C1257428_='0d''0a' 
Content-Type:'20'multipart/alternative;'20'boundary="=_alternative'20'004DF4F3C1257428_="'0d''0a'
'0d''0a'
'0d''0a'
--=_alternative'20'004DF4F3C1257428_='0d''0a'
Content-Type:'20'text/plain;'20'charset="ISO-8859-1"'0d''0a' 
Content-Transfer-Encoding:'20'quoted-printable'0d''0a'
'0d''0a'
'0d''0a' 
'20''20''20''20''20''20'=B7'20''20''20''20''20''20''20''20''20''20'=B7'20''20''20''20''20''20''20''20''20'=B7'20''20''20''20''20''20''20''20''20''20'=B7=20'0d''0a'
 
Sandra'20'Ree='0d''0a'
s=20'0d''0a'
'0d''0a'
'0d''0a'
--=_alternative'20'004DF4F3C1257428_='0d''0a'
Content-Type:'20'text/html;'20'charset="ISO-8859-1"'0d''0a' 
Content-Transfer-Encoding:'20'quoted-printable'0d''0a'
'0d''0a'
Hallo'20'Herr'20'Meyer,'0d''0a'
'0d''0a'
'0d''0a'
--=_alternative'20'004DF4F3C1257428_=--'0d''0a'
--=


The problem is the very last body line "--=_related 
004DF4F0C1257428_=--". This line appears truncated in the canonical 
message dump as "--=", what causes the body hash verification to fail.

The following reflectors produce the same wrong result as shown above:
    test(_at_)dkimtest(_dot_)jason(_dot_)long(_dot_)name
    verifier-feedback(_at_)port25(_dot_)com
    mail(_at_)testing(_dot_)dkim(_dot_)org

It seems to be a problem in the under-laying libdkim.

The body line "      =B7          =B7         =B7          =B7=20" the 
the line that probably triggers that bug. 

Note to DKIM Reflector developers: It would be nice to see also the 
calculated hash value(s).

It would be nice whether I do something wrong or I have found a bug.

Steffen


_______________________________________________
dkim-dev mailing list
dkim-dev(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-dev

<Prev in Thread] Current Thread [Next in Thread>