ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Postfix: change of Content-Transfer-Encoding breaks DKIM signature / RFC recommendation

2009-03-25 16:11:48
from [Florian Sager] [Permanent Link] 
Hi,

no matter which process will be chosen next the following small
correction should be considered:

According to the mails below the RFC compliant change of content
encoding in MTA-forwarding may break signatures that follow the RFC 4871
recommendation to include header "Content-Transfer-Encoding" in the
signature. This header should be removed from section 5.5. Recommended
Signature Content (The following header fields SHOULD be included in the
signature ...).

Regards,
Florian



Wietse Venema schrieb:

Florian Sager:
  

Hi Wietse,

I'd like to get your evaluation of the following aspect before
discussing this on the DKIM mailing list, maybe:

In the context of testing DKM monitoring services in
http://www.dkim-reputation.org we experienced that postfix changed

an incoming Content-Transfer-Encoding: 7bit
to
an outgoing Content-Transfer-Encoding: quoted-printable
    


See RFC 1652 section 3.

When sending 8BITMIME into a software that does not support 8BITMIME,
the sending mail system must convert to 7bit or return the mail.

You can turn this off in YOUR Postfix, but that really does not
prevent other RFC-compliant mail systems from converting to 7bit.

See also: http://www.postfix.org/FILTER_README.html section "
Advanced content filter: sending unfiltered mail to the content
filter" for how to avoid conversions with stupid content filters.

      Wietse

  

The DKIM signature in the mail was broken afterwards, 'cause the Content-T
-ransfer-Encoding header was included like it's proposed in http://www.ietf.o
-rg/rfc/rfc4871.txt, 5.5.  Recommended Signature Content (The following heade
-r fields SHOULD be included in the signature ...).

I guess that changes in the encoding are allowed in forwarding mail so the
- DKIM header inclusion recommendation might be erroneous?

Regards,
Florian


===

Agitos Websolutions
Florian Sager, Bernhard Heindl und Christian Heindl GbR
Stifterstrasse 16, 83026 Rosenheim

Telefon: 089/45867554
Telefax: 089/45867555
Support: support(_at_)agitos(_dot_)de
http://www.agitos.de



    


  


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] DKIM/ADSP edge case writeup at CircleID, Hector Santos
Next by Date:  [ietf-dkim] errata revision: opaque, Dave CROCKER
Previous by Thread:  [ietf-dkim] DKIM/ADSP edge case writeup at CircleID, MH Michael Hammer (5304)
Next by Thread:  Re: [ietf-dkim] Postfix: change of Content-Transfer-Encoding breaks DKIM signature / RFC recommendation, Wietse Venema
Indexes:  [Date] [Thread] [Top] [All Lists]