ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ietf-dkim] Example of DKIM bypasses RFC5322 Checking

2010-10-12 12:07:37
from [Hector Santos] [Permanent Link] 
Ian Eiloart wrote:


Hector Santos <hsantos(_at_)isdg(_dot_)net> wrote:



  DKIM signed Double From  ----> Accepted, Resigned by mipassoc.org



Yes, we saw that.




  No Signature, Double From ---> Trapped/rejected by mipassoc.org


Really? You tested this? I assumed the message was accepted because it 
contained a From: header belonging to a list member. Not because it was 
signed.


The list checks the 5321.Mail From address (return path), not the 
5322.From.

Yes, tested twice.  I got a bounce back from the list saying it was 
waiting moderator approval and it gave me the opportunity to click a 
URL to cancel the submission.

GMAIL imports it the spam box as a "NO SUBJECT" message because it 
stripped all headers and recreates its own.

You will find this common with many MTA that use a "Valid 822 or 
2822/5322" detector.

Let me try it again...  Yup.  I created a 5322 message with two 
5322.From and no signature:

               ------------------------------

    ENV-FROM: <hsantos(_at_)isdg(_dot_)net>
    ENV-TO: <ietf-dkim(_at_)mipassoc(_dot_)org>
    ENV-DATA:
    From: President Obama <obama(_at_)whitehouse(_dot_)gov>
    Message-ID: <4CAA540B(_dot_)5050605xxxaxdsada(_at_)isdg(_dot_)net>
    Date: Mon, 12 Oct 2010 12:24:11 -0400
    From: Hector Santos <hsantos(_at_)isdg(_dot_)net>
    Subject: Non-signed, double from
    User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
    MIME-Version: 1.0
    To: ietf-dkim(_at_)mipassoc(_dot_)org

    Non-signed, double from

    --
    HLS
               ------------------------------

When I put that message in the router outbound spool, the MTA routed 
it to mipassoc.org and this is the list approval message I just received:

               ------------------------------
Received: by winserver.com (Wildcat! SMTP Router v6.3.453.5)
           for hsantos(_at_)isdg(_dot_)net; Tue, 12 Oct 2010 12:45:33 -0400
Authentication-Results: dkim.winserver.com;
   dkim=pass header.i=mipassoc.org header.d=mipassoc.org header.s=k00001;
   adsp=none author.d=mipassoc.org signer.d=mipassoc.org;
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17])
   by winserver.com (Wildcat! SMTP v6.3.453.5) with ESMTP
   id 1159772343; Tue, 12 Oct 2010 12:45:29 -0400
Received: from sbh17.songbird.com (sbh17.songbird.com [127.0.0.1])
        by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id o9CGk3pR011186
        for <hsantos(_at_)isdg(_dot_)net>; Tue, 12 Oct 2010 09:46:08 -0700
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=mipassoc.org;
    s=k00001; t=1286901968; bh=GkF+Zni/AmU95QUngEpyvADEq+U=;
    h=MIME-Version:Content-Type:Content-Transfer-Encoding:Subject:
    From:To:Message-ID:Date:List-Id:Sender;
    b=TF05IDrPNZZkxMxywTFfz8O/w3Hmr/cE42u5jEXBHMX
EYrWHRYjdfdVipu0RZ4kvY8vYtkbsZLHvtqtXdi2cgu16xWxuwltYn/+MmPmEufyu47
        GtNzERKTf0Tbp+4Hm8EmjayZI3pP0tlkDrZ+cSkfxwwKOm7EBvF+9xrPlmB1k=
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Subject: Your message to ietf-dkim awaits moderator approval
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
To: hsantos(_at_)isdg(_dot_)net
Message-ID: 
<mailman(_dot_)2971(_dot_)1286901961(_dot_)2420(_dot_)ietf-dkim(_at_)mipassoc(_dot_)org>
Date: Tue, 12 Oct 2010 09:46:01 -0700
Precedence: bulk
X-BeenThere: ietf-dkim(_at_)mipassoc(_dot_)org
X-Mailman-Version: 2.1.9
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
X-List-Administrivia: yes
Sender: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
Errors-To: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0 
(sbh17.songbird.com [127.0.0.1]); Tue, 12 Oct 2010 09:46:08 -0700 (PDT)

Your mail to 'ietf-dkim' with the subject

     (no subject)

Is being held until the list moderator can review it for approval.

The reason it is being held:

     Message has implicit destination

Either the message will get posted to the list, or you will receive
notification of the moderator's decision.  If you would like to cancel
this posting, please visit the following URL:
 
http://mipassoc.org/mailman/confirm/ietf-dkim/c3ab82450dcdff2c7e15dcfc1748c57f69c4e956
               ------------------------------

So this is to show you that it isn't about a receiving MTA not being 
compliant with RFC 5322, it is about a DKIM loophole.  Thats not to 
say any component in the integrated mail network is not responsible 
for RFC5322 checking, but DKIM can not expect everyone to do it right, 
thus it needs to check for itself.

-- 
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] ISSUE: 4871bis-02 - Section 8.14 comments, Barry Leiba
Next by Date:  Re: [ietf-dkim] ISSUE: 4871bis-02 - Section 8.14 comments, Hector Santos
Previous by Thread:  Re: [ietf-dkim] detecting header mutations after signing, Ian Eiloart
Next by Thread:  Re: [ietf-dkim] Example of DKIM bypasses RFC5322 Checking, Ian Eiloart
Indexes:  [Date] [Thread] [Top] [All Lists]