Skip to content

dkim_sign: Normalize CRLF->LF for DKIM-Signature

David Verdin requested to merge github/fork/zmousm/dkim_sig_lf into sympa-6.2

Created by: zmousm

Mail::DKIM::Signer wraps DKIM-Signature with with \r\n\t; this is the hardcoded Separator passed to Mail::DKIM::TextWrap via Mail::DKIM::KeyValueList. MIME::Tools on the other hand (MIME::Head::stringify() in particular) encode EOL as plain \n; it is thus necessary to normalize CRLF->LF for DKIM-Signature to avoid confusing the mail agent.

Exim in particular handles line endings by observing these rules of interest:

  • If a bare CR is encountered within a header line, an extra space is added after the line terminator so as not to end the header line. The reasoning behind this is that bare CRs in header lines are most likely either to be mistakes, or people trying to play silly games.
  • If the first header line received in a message ends with CRLF, a subsequent bare LF in a header line is treated in the same way as a bare CR in a header line.

The result can be seen in the following example, where:

  • all headers following DKIM-Signature are indented by one space and are practically lost
  • Exim readds Message-Id and From (using gecos field for sympa system user)
  • DKIM signature is rendered invalid
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=lists.grnet.gr; h=date:to
	:from:message-id:subject:reply-to:sender:list-id:list-help
	:list-subscribe:list-unsubscribe:list-post:list-owner
	:list-archive; s=mysel; i=nontasv-test-request@lists.grnet.gr;
	 bh=7uqDQo3EVTnDX6HK/OlpR/tasWM=; b=l7ugudUBhte8kP/LDLh0+jvKlL5K
	ugS+4SduK4gbef68g+E08QjwZT1bF60EmFHd+0OUl6pTFlNxHqXkCphLawr3e1i8
	1ntMEItO50EDPA6FE94VpnFk89Oq+JjYC/hCEQG6mTxSJor9cRBc0oOY3+kPBxqn
	990yRm1gwGTXe0Y=
 Return-path: <zmousm@grnet.gr>
 Envelope-to: nontasv-test@lists.grnet.gr
 Delivery-date: Thu, 04 Apr 2019 18:28:01 +0300
 Received: from mx0.grnet.gr ([2001:648:2ffc:200::161])
 	by lists.grnet.gr (envelope-from <zmousm@grnet.gr>)
 	with esmtp (Exim 4.89 (Debian GNU/Linux))
 	id 1hC4HZ-0002nI-QY
 	for nontasv-test@lists.grnet.gr; Thu, 04 Apr 2019 18:28:01 +0300
 Date: Thu, 04 Apr 2019 18:28:01 +0300
 To: nontasv-test@lists.grnet.gr
 From: zmousm@grnet.gr
 X-Mailer: swaks v20130209.0 jetmore.org/john/code/swaks/
 Message-Id: <E1hC4HZ-0002nI-QY@lists.grnet.gr>
 Subject: [nontasv-test] test Thu, 04 Apr 2019 18:28:01 +0300
 Reply-To: nontasv-test@lists.grnet.gr
 X-Loop: nontasv-test@lists.grnet.gr
 X-Sequence: 12
 Errors-To: nontasv-test-owner@lists.grnet.gr
 Precedence: list
 Precedence: bulk
 Sender: nontasv-test-request@lists.grnet.gr
 X-no-archive: yes
 List-Id: <nontasv-test.lists.grnet.gr>
 List-Help: <mailto:sympa@lists.grnet.gr?subject=help>
 List-Subscribe: <mailto:sympa@lists.grnet.gr?subject=subscribe%20nontasv-test>
 List-Unsubscribe: <mailto:sympa@lists.grnet.gr?subject=unsubscribe%20nontasv-test>
 List-Post: <mailto:nontasv-test@lists.grnet.gr>
 List-Owner: <mailto:nontasv-test-request@lists.grnet.gr>
 List-Archive: <http://lists.grnet.gr/sympa/arc/nontasv-test>
 Archived-At: <http://lists.grnet.gr/sympa/arcsearch_id/nontasv-test/2019-04/E1hC4HZ-0002nI-QY%40lists.grnet.gr>
 This is a test mailing
Message-Id: <E1hC4Hc-0002nZ-Ha@lists.grnet.gr>
From: "Sympa mailing list manager,,," <nontasv-test-owner@lists.grnet.gr>
Date: Thu, 04 Apr 2019 18:28:04 +0300

Merge request reports

Loading