ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] How mailing lists mutate messages

2006-01-23 15:02:58

Hi Tony,

But presumably just adding List-ID: or similar would be ok?

Stephen.

Tony Hansen wrote:
I'm tempted to say: if the mailing list is going to do *anything* to the
message other than act as a simple reflector, it *must* strip out any
existing dkim signature. What it does after that is up to the mailing list.

        Tony Hansen
        tony(_at_)att(_dot_)com

John Levine wrote:
So I'm asking for a pointer to the "how mailing lists break
signatures" report, if it exists so I can learn a bit more.
This was argued at some length about a year ago, but I can't
dig up offhand exactly where.  Here's some of the more popular
mutations:

- Add fixed list name tag and varying message serial number to Subject:

- Add, delete, or replace Reply-To: header

- Reformat From: line into a standard form, e.g.,  <a(_at_)b> foo  ->  a(_at_)b 
(foo)

- Add a bunch of extra headers like List-ID: and Precedence:
(shouldn't affect signature unless one replaces an existing header)

- Add a footer to the end of the body

- Add a "fronter" to the beginning of the body

- Add, delete, or reorder MIME parts

- Unpack and re-pack MIME parts with different delimiters

- Add a footer to one or more MIME parts

- Edit a footer into an HTML part (Yahoo groups does this)

- Convert HTML to text or vice versa

- Recode between 7bit and 8bit, or quoted printable to/from base64

I quickly came to the conclusion that other than the shrinking
minority of lists that do nothing at all to headers or body, it's
completely hopeless to try to make a signature that will survive list
processing.

And I still have a lot of trouble thinking of plausible scenarios
where mail from a domain with SSP restrictions would legitimately be
sent through a list.
_______________________________________________
ietf-dkim mailing list
http://dkim.org



_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>