On July 29, 2005 at 14:58, Michael Thomas wrote:
subdomainof ($test, $domain) {
if ($test is improper subdomain of $domain)
return TRUE;
else
return FALSE;
}
Shouldn't subdomainof return TRUE if $test is a proper subdomain
of $domain?
verifysignature () {
return TRUE if public key verify succeeds, FALSE otherwise;
}
verifysignature => verify_signature
dkim_verify () {
if ($i == NULL) {
// i is missing, default to $d and null
$i_localpart = "";
$i_domainpart = $d;
} else {
// split into constituent parts
$i_localpart = localpart ($i);
$i_domainpart = domainpart ($i)
}
// make certain that the domain in $i is a subdomain of $d
if (! subdomainof ($i_domainpart, $d))
return NOVERIFY;
// enforce the granularity requirement
if (! regexmatch ($i_localpart, $g))
return NOVERIFY;
if (verify_signature ())
return VERIFY;
else
return NOVERIFY;
}
General comment: It may be useful to have different indicators
specify why the signature did not verify. Make failure report
analysis much easier.
$outsideheaders = "From, Sender";
$from = ; // 2822 From: address in msg
dkim_bindToOutsideHdrs () {
foreach ($hdr in $outsideheaders) {
if (dkim_bindToHdr ($hdr) == BIND) {
if ($hdr != "From") {
$policy = dkim_signerPolicy (domainpart ($from));
if ($policy == strict || $policy == nomail)
return FAIL;
else
return PASS;
} else
return PASS;
}
}
return NEUTRAL;
}
To clarify, the SSP is only checked if i= does not match From?
Even if the signature RSA validates.
dkim_receiver () {
// first do the verification operation
dkim_verify ();
// now see if they bind
return dkim_bindToOutsideHdrs ();
}
I still think it is possible to do "partial" spoofing. For example,
a malicious domain can bind to the rfc2822.Sender address, and if the
rfc2822.From SSP allows 3rd-party signing, malicious domain can
send out messages with whatever rfc2822.From as long as they use
a rfc2822.Sender in their domain. Due to this, no one should
ever enable 3rd-party signing.
MUAs tend to highlight only the rfc2822.From and not the
rfc2822.Sender. It seems to me that if DKIM is going to be accepted by
the end-user community, MUAs will need to become DKIM-aware so proper
verification indications can be displayed to message receipients.
--ewh