Bug#939808: exim4: Very problematic default DKIM_SIGN_HEADERS
Marc Haber
mh+debian-packages at zugschlus.de
Mon Sep 9 06:22:16 BST 2019
tags #939808 upstream
thanks
Hi,
it would probably be a good idea to discuss this with upstream. I don't
think that Debian should do a local patch here.
Greetings
Marc
On Mon, Sep 09, 2019 at 04:10:33AM +0200, Guillem Jover wrote:
> The default DKIM_SIGN_HEADERS macro contains many headers that make
> sending mails to mailing lists or (re)sending mails on someone's
> behalf pretty much infeasible. This has big impact on systems with
> strict DKIM and DMARC policies.
>
> There are several of the listed fields that are intended to be set by the
> system resending a mail, be that a mailing list or a third-party. If these
> fields are listed in the default set it means any mail going through those
> systems will contain a signature for an empty header, which will then be
> filled and fail signature validatation. Moreover the RFC4871 and RFC6376
> in their §5.4 section mentions that signing missing fields should be done
> carefully.
>
> Mark Sender and all Resent-* and List-* fields to only be signed if
> present.
>
> Add also duplicate entries for the From and Subject fields, to reject
> appended fields.
>
> There's a related write up at
> <https://begriffs.com/posts/2018-09-18-dmarc-mailing-list.html>.
>
> I'm attaching a patch that should fix this.
>
> Thanks,
> Guillem
> Description: Fix default DKIM_SIGN_HEADERS macro.
> There are several of the listed fields that are intended to be set by the
> system resending a mail, be that a mailing list or a third-party. If these
> fields are listed in the default set it means any mail going through those
> systems will contain a signature for an empty header, which will then be
> filled and fail signature validate. Moreover the RFC4871 and RFC6376 in
> their §5.4 section mentions that signing missing fields should be done
> carefully.
> .
> Add also duplicate entries for the From and Subject fields, to reject
> appended fields.
> Author: Guillem Jover <guillem at hadrons.org>
> Last-Update: 2019-09-08
>
>
> ---
> src/pdkim/pdkim.h | 16 ++++++++--------
> 1 file changed, 8 insertions(+), 8 deletions(-)
>
> --- a/src/pdkim/pdkim.h
> +++ b/src/pdkim/pdkim.h
> @@ -26,14 +26,14 @@
> #include "../blob.h"
> #include "../hash.h"
>
> -#define PDKIM_DEFAULT_SIGN_HEADERS "From:Sender:Reply-To:Subject:Date:"\
> - "Message-ID:To:Cc:MIME-Version:Content-Type:"\
> - "Content-Transfer-Encoding:Content-ID:"\
> - "Content-Description:Resent-Date:Resent-From:"\
> - "Resent-Sender:Resent-To:Resent-Cc:"\
> - "Resent-Message-ID:In-Reply-To:References:"\
> - "List-Id:List-Help:List-Unsubscribe:"\
> - "List-Subscribe:List-Post:List-Owner:List-Archive"
> +#define PDKIM_DEFAULT_SIGN_HEADERS \
> + "From:From:=Sender:Reply-To:Subject:Subject:Date:To:Cc:"\
> + "Message-ID:In-Reply-To:References:MIME-Version:"\
> + "Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:"\
> + "=Resent-Date:=Resent-From:=Resent-Sender:=Resent-To:=Resent-Cc:"\
> + "=Resent-Message-ID:"\
> + "=List-Id:=List-Help:=List-Unsubscribe:=List-Subscribe:=List-Post:"\
> + "=List-Owner:=List-Archive"
>
> /* -------------------------------------------------------------------------- */
> /* Length of the preallocated buffer for the "answer" from the dns/txt
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the Pkg-exim4-maintainers
mailing list