On 9 Jun 2023, at 22:35, Murray S. Kucherawy wrote:

>
> You were previously talking about inserting ">" before a line starting
> "From ", which is typically done on delivery when writing to an
> mbox-formatted mailbox file, because in that format, "From " at the front
> of a line has a specific meaning (i.e., "this is a new message").  If that
> insertion is happening in transport, then a local mailbox convention is
> leaking out into the transport environment, which means something is
> misconfigured, and all bets are off.
>
> In any case, it is not a transport conversion anticipated by the section
> you're quoting, so I've no idea why a DKIM signer might opt to handle it
> specially.

I’m not as definite that this is a misconfiguration, but it might be a historical 
artifact. When we were editing RFC 4871, I remember discussing with Eric Allman 
the problem with “from” at the beginning of a line. At the time, we recognized 
that some messages would fail to verify because the message would be modified 
in transit to add the >. IIRC this was particularly a problem because message 
signing was done in a milter that operated on the incoming leg of the message 
path (through sendmail, for example), when ideally you would want signing to be 
done on the way out of the MTA.

Your description of why the > was added is probably correct, but I think there 
are circumstances where the > leaks out that aren’t just due to 
misconfiguration. I have two messages in my bloated inbox that apparently have 
had > added (many of you may have the “Communications of the ACM, May 2023” 
message from April 24). They pass DKIM verification, probably because they were 
signed after modification.

-Jim

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
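
The effect discussed in this thread, as an added example that is not part of either message and not code from any DKIM implementation: the RFC 6376 body canonicalizations with a check of whether the bh= value survives mbox-style ">From " quoting. The function names and sample bodies are constructed for illustration.

```python
import base64
import hashlib
import re

def canon_simple(body: bytes) -> bytes:
    """RFC 6376 3.4.3: drop trailing empty lines, end with exactly one CRLF."""
    while body.endswith(b"\r\n"):
        body = body[:-2]
    return body + b"\r\n"

def canon_relaxed(body: bytes) -> bytes:
    """RFC 6376 3.4.4: collapse WSP runs, strip line-end WSP and trailing empty lines."""
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in body.split(b"\r\n")]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"".join(ln + b"\r\n" for ln in lines)

def body_hash(body: bytes, canon=canon_relaxed) -> str:
    """Value a signer places in the bh= tag (SHA-256, base64)."""
    return base64.b64encode(hashlib.sha256(canon(body)).digest()).decode()

def mbox_quote(body: bytes) -> bytes:
    """mbox-style escaping: prefix '>' to body lines that start with 'From '."""
    return re.sub(rb"(?m)^From ", b">From ", body)

def bh_survives_quoting(body: bytes, canon=canon_relaxed) -> bool:
    """True if a bh= computed before quoting still matches afterwards."""
    return body_hash(body, canon) == body_hash(mbox_quote(body), canon)

# Constructed sample bodies (not taken from any real message).
AFFECTED = b"Hello,\r\n\r\nFrom what I can tell, this verifies.\r\n\r\n"
UNAFFECTED = b"Hello,\r\n\r\nAs far as I can tell, this verifies.\r\n\r\n"

if __name__ == "__main__":
    for name, canon in (("simple", canon_simple), ("relaxed", canon_relaxed)):
        print(name, "affected body survives:", bh_survives_quoting(AFFECTED, canon))
        print(name, "unaffected body survives:", bh_survives_quoting(UNAFFECTED, canon))
    # Signing after the modification: signer and verifier see the same bytes.
    quoted = mbox_quote(AFFECTED)
    print("signed after quoting:", body_hash(quoted) == body_hash(mbox_quote(quoted)))
```

Neither canonicalization treats a leading ">" as ignorable, so a signature made before the quoting fails its body hash check, while one made afterwards verifies.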
