ietf-dkim

Re: [ietf-dkim] Interesting Dupe Signatures

2009-10-31 15:01:07
Michael Thomas wrote:

> Is this really worth worrying about? I mean, the amount of
> actual ham is in the vast minority so even if all of your ham
> was doing tons of antisocial things it probably wouldn't make
> much if any difference in your average border mail gateway's job.

Possibly, Mike. I certainly do not wish to do more work than necessary.

But I have to consider customer site patterns with heavy Facebook 
users seeing tons of FB notifications and see if a simple check can 
add to the optimization.

Before that, though, I need to see if this can be confirmed by others. 
Checking yesterday's logs and collection of DKIM messages, I see 
intermittent FB dupe signature messages and I just found one with 4 
duplicate signatures:

   DKIM-Signature: v=1; a=rsa-sha1; d=facebookmail.com; s=q1-2009b;
        c=relaxed/relaxed;
        q=dns/txt; i=@facebookmail.com; t=1256955289;
        h=From:Subject:Date:To:MIME-Version:Content-Type;
        bh=Qfz3NWckqB6n8R6eXuamGE/bU/k=;
        b=gwjR3fg8RpRr6X2TvywoXBSiP2niRsyCoKBsnW0yaNxkJk4t
        87dWx8H/rXEN54O6jHf+Uf9mG4Tth7ZcoNY+GA==;

times 4.

So although it's the only header exhibiting dupes and I don't see this 
behavior with other DKIM signers, I am still going to give FB the 
benefit of the doubt and check if this FB signature is somehow raising 
a hidden reception bug in our code. Offhand I doubt it since our code 
is using DATA 8k buffer read/write to a temp file, i.e., it's not 
reading per line in the DATA block but FB might be sending it per 
line.  I have to see what's going on there.

Be great if someone else with incoming FB notifications can confirm 
this intermittent behavior. If it's a FB issue, then probably there is 
no need to bother.  But Steve did raise an interesting point with two 
(or more) different signers (perhaps blindly) stamping the same 
message content.  Resigners really shouldn't be doing that unless they 
are going to break the integrity, right?

--
HLS
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
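
One way to sketch the "simple check" discussed in this message, added here as an example and not code from the poster or from any DKIM implementation: collapse byte-identical DKIM-Signature copies so each is verified once, and report the separate case of different signers covering the same body hash. The second signer (`resigner.example`, selector `sel1`, placeholder `b=`) and the surrounding message are constructed for the example.

```python
from email import message_from_string

# Signature from the message above; OTHER_SIG is a constructed second signer
# (hypothetical domain, placeholder b=) covering the same body hash.
FB_SIG = ("v=1; a=rsa-sha1; d=facebookmail.com; s=q1-2009b; c=relaxed/relaxed;\n"
          "\tq=dns/txt; i=@facebookmail.com; t=1256955289;\n"
          "\th=From:Subject:Date:To:MIME-Version:Content-Type;\n"
          "\tbh=Qfz3NWckqB6n8R6eXuamGE/bU/k=;\n"
          "\tb=gwjR3fg8RpRr6X2TvywoXBSiP2niRsyCoKBsnW0yaNxkJk4t\n"
          "\t87dWx8H/rXEN54O6jHf+Uf9mG4Tth7ZcoNY+GA==;")
OTHER_SIG = ("v=1; a=rsa-sha1; d=resigner.example; s=sel1; c=relaxed/relaxed;\n"
             "\th=From:Subject:Date:To; bh=Qfz3NWckqB6n8R6eXuamGE/bU/k=;\n"
             "\tb=Q09OU1RSVUNURUQ=;")

def parse_tags(value):
    """Tag-list -> dict. All whitespace in values is dropped so that copies
    differing only in header folding compare equal (dedup key only)."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip()] = "".join(val.split())
    return tags

def dedupe_signatures(raw_message):
    """Return (unique, shared): unique is [(tags, copies)] in arrival order;
    shared maps a body hash to the distinct d= domains that signed it."""
    msg = message_from_string(raw_message)
    counts = {}
    for value in msg.get_all("DKIM-Signature", []):
        key = tuple(sorted(parse_tags(value).items()))
        counts[key] = counts.get(key, 0) + 1
    unique = [(dict(key), n) for key, n in counts.items()]
    by_bh = {}
    for tags, _ in unique:
        by_bh.setdefault(tags.get("bh"), set()).add(tags.get("d"))
    shared = {bh: doms for bh, doms in by_bh.items() if len(doms) > 1}
    return unique, shared

def build_sample():
    """Constructed message: 3 folded copies, 1 unfolded copy, 1 other signer."""
    sigs = [FB_SIG] * 3 + [FB_SIG.replace("\n\t", " "), OTHER_SIG]
    headers = [f"DKIM-Signature: {s}" for s in sigs]
    headers += ["From: sender@example.com", "Subject: constructed sample"]
    return "\n".join(headers) + "\n\nbody\n"

if __name__ == "__main__":
    unique, shared = dedupe_signatures(build_sample())
    for tags, copies in unique:
        print(f"d={tags['d']} s={tags['s']} copies={copies}")
    print("same bh, different signers:", shared)
```

The normalized tags serve only as a comparison key; actual verification still has to run over the original header bytes of one retained copy.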