spf-discuss
[Top] [All Lists]

Re: Ignoring rejected mail?

2004-12-07 13:31:34
Hello!

On Wed, Dec 01, 2004 at 07:31:20PM +0000, Mark wrote:
[...]

But, this way, does SES not require 'the cooperation of the entire world'
then, too? If sender A signs, using SES, and sends it to B, who runs it
over the infamous .forward file, adding a wee blurb, like "Thanks for
using this fine forwarding service!", or, more realistically, "This mail
was scanned with Anti-Virus product such-and-so," then B essentially needs
to do its own SES (re)writing, right?  Because if he doesn't, then
recipient C will check SES signature of A, and decide that the message
is a forgery! Then B is faster off just doing a quick SRS rewrite. ;)

- Mark 

Even if the point by David doesn't hold, the receiving host could say
"SES passed envelope verification, but failed body verification; perhaps
something was added".

One could even heuristically try to strip off things that are probable
additions, i.e. retry hashing with the last few lines taken off line by
line, and for headers, you could exclude trace, X- and a few other
typical headers anyway. Headers I'd exclude could perhaps be things like
this:

my @remove_headers = ('received', 'return-path',        # added trace info
    'delivered-to',     # sometimes added by receiving MTAs, perhaps
                        # also by semi-broken forwarders
    'xref', 'path',     # if it was mail->news->mail
    'sender', 'x-sender',       # if forwarders change'em
    'envelope-to', 'delivery-date',     # see delivered-to
    'originator', 'relay-version', 'posted',    # mail->news->mail
    'x-trace', 'x-complaints-to', 'nntp-posting-host', 'nntp-posting-date'
        # mail->news->mail
    'x-gmx-antivirus', 'x-gmx-antispam', 'x-uidl',
    'x-priority', 'x-mailscanner',
    'x-msmail-priority', 'x-mimeole',
    'x-spamscanner', 'x-spam-level', 'x-flags',
    'x-virus-scanned'); # examples for added x- headers

Kind regards,

Hannah.