John Levine wrote:
In our testing at Cisco, we are seeing a small but significant number
of failure mainly due to various system bots that send naked CR's in
a message.
Yeah, there are a lot of badly written MUAs.
What I have found is that at the very least, sendmail and Ironport
handle these two cases differently.
Right. Different MTAs do different, fairly random things to mail that
isn't 2822 compliant. (They do random things to mail that is
compliant, but their mutations to non-compliant mail are more
extreme.) Trying to guess what's going to happen and to try to
program around it is a guaranteed exercise in frustration.
In the months since we went live with probably hundreds of millions
of messages passing through our signers/verifiers, this is the only thing
that I've seen with any consistency that breaks the body with simple.
You keep raising the spectre of slippery slopes, but in fact the millions
and zillions of ways that things could be broken doesn't seem to be borne
out in reality, at least in our experience.
My strong suggestion is to say that if you want your DKIM signatures
to interoperate, you should only sign compliant mail.
That's completely unhelpful.
If someone or
something injects a non-compliant message to your MTA, fix it before
signing it. It's hard for me to envision a situation where this isn't
the right thing to do.
I guess you could take that up with Eric, and the half of the email
infrastructure
that runs his software.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html