[Mailman-Developers] dkim-signature headers

Michael Thomas mat at cisco.com
Fri Feb 2 03:03:06 CET 2007 

We've been running with dkim signatures over a large population for nearly
a year and have had no indication whatsoever that broken signatures do 
anything
of the sort. Leaving the signatures in allows smarter receivers to have 
a chance
to verify them, not to mention that deleting them destroys the forensic 
value of
the signature.

I'm not sure that you all appreciate that resigning a message is no 
panacea. It's
helpful, but only to a degree: a third party signature from a remailer 
is not a
substitute for a first party signature from the From domain. If you have 
just
a valid third party signature, the signing domain would need to be 
_specifically_
whitelisted by the receiver to be considered an acceptable signature 
lest you be
subject to attacks by rogue third party signers. So to the degree that 
first party
signatures can be validated the better.

       Mike

Bob Puff wrote:
> I have demime in front of most of my larger lists, and I can tell you from
> casual peeks at the incoming copy that I keep, there are far too many people
> who send html email.  My lists nuke all the html, so I'd say probably 75% of
> the incoming messages are modified.
>
> I also would concur that deleting the DKIM sig would be the proper thing to
> do, as an invalid sig is sure to count towards spamminess.  Its a challenge at
> times to get these emails delivered (I've pretty much given up on AOL, they
> are in such a mess), so anything like this that will trigger more unsuccessful
> deliveries is a real problem.
>
> Bob
>
> ---------- Original Message -----------
> From: Mark Sapiro <msapiro at value.net>
> To: Michael Thomas <mat at cisco.com>
> Cc: mailman-developers at python.org
> Sent: Thu, 1 Feb 2007 15:06:25 -0800
> Subject: Re: [Mailman-Developers] dkim-signature headers
>
>   
>> Michael Thomas wrote:
>>     
>>> Yes, there's no question that mailman as well as lots of other software
>>> can destroy signatures. In practice as people seem to actually use them,
>>> it is more theoretical than real. We've been running DKIM signers/verifiers
>>> for going on a year now and the 99% I quoted is across a 25000 user
>>> population which probably uses mailing lists far more than most similarly
>>> sized companies.
>>>       
>> I'm sure your statistics are valid for your environment, but I'm not
>> sure that they are universally applicable. Consider what I think is a
>> fairly typical situation exemplified by mailman-users at python.org. I
>> don't know what fraction of incoming posts to this list are
>> multipart/alternative with text/plain and text/html alternative 
>> parts, but I see many just from people who Cc: me directly.
>>
>> It would be a fairly simple matter to go through the .mbox archive 
>> for any list that has one and count the number of X-Content-Filtered-
>> By: Mailman/MimeDel and compare that to the number of messages. in 
>> fact, I just did that for a cycling club discussion list I managed,
>>  and just over 20% of the messages had content removed. Since the 
>> most common result of this is to throw away a text/html part and 
>> collapse the message to a single part, I submit that this will break 
>> a significant number of signatures.
>>
>> No if the only result of this were that the recipient's MTA/MUAs
>> considered these messages to be unsigned, that would be OK, but my
>> understanding is that in some cases at least, these messages are
>> either discarded or flagged as having invalid signatures. Either of
>> these alternatives is not good. The former discards wanted messages,
>> and the latter trains recipients to ignore the fact that signatures
>> are invalid.
>>
>> That said, it would be a simple matter to make the removal of these
>> signature headers a site option (or even a list option, but I think a
>> site option is more appropriate).
>>
>> It would be better still to be able to make Mailman play better with
>> DKIM so that we wouldn't have to break or remove signatures.
>>
>> I note that Joe is one of the people who first identified the need to
>> remove these headers. Perhaps together, we can find a better way.
>>
>> See
>>
>>     
> <http://sourceforge.net/tracker/index.php?func=detail&aid=1287546&group_id=103&atid=300103>
>   
>> for some discussion.
>>
>> -- 
>> Mark Sapiro <msapiro at value.net>       The highway is for gamblers,
>> San Francisco Bay Area, California    better use your sense - B. Dylan
>>
>> _______________________________________________
>> Mailman-Developers mailing list
>> Mailman-Developers at python.org
>> http://mail.python.org/mailman/listinfo/mailman-developers
>> Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
>> Searchable Archives:
>>     
> http://www.mail-archive.com/mailman-developers%40python.org/
>   
>> Unsubscribe:
>>     
> http://mail.python.org/mailman/options/mailman-developers/bob%40nleaudio.com
>   
>> Security Policy:
>>     
> http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
> ------- End of Original Message -------
>

More information about the Mailman-Developers mailing list