lists and DMARC and ARC, was Incoming SMTP in the year 2017 and absence of DKIM

Grant Taylor gtaylor at tnetconsulting.net
Wed Nov 29 23:00:26 CST 2017


On 11/29/2017 03:46 PM, Michael Thomas wrote:
> You know what the original header was via the signature. You can take 
> the delta of the current subject line and 
> remove any additions and validate the signature. Whether you're happy 
> with the additions is a different concern,

Are you referring to the optional z DKIM-Signature tag?

Or are you referring to brute forcing what the subject was in order to 
derive the delta of the current subject?  This would be compounded by 
any number of other changes to (over)singed headers / body portion.

> If I were constructing a spam filter out of it, I'd give a lot of 
> prejudice to anything added, but that's outside of
> what you can do within the bounds of the spec.

*If* the z tag was included in the DKIM-Signature header, I can see how 
this would work and I agree with your distrust of said additions / 
alterations.



-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20171129/0ab91856/attachment.bin>


More information about the NANOG mailing list