Jeremy Harris wrote in <b744748a-403f-4d4b-a93a-984878e6c...@wizmail.org>:
 |On 19/05/2024 17:26, Wei Chuang wrote:
 |> then rewrite the Content-type header mime
 |> delimiter
 |
 |Seems like including this header in the signed set would be
 |Best Practice?
Indeed.

I want to remark that this thread seems to reiterate an attack from 2018:

  https://noxxi.de/research/breaking-dkim-on-purpose-and-by-chance.html

It then says in "How to Fix the Problems":

  The signature itself needs to include all mail headers which might
  affect the display of the message. Each of these should be oversigned
  to protect against an attacker adding extra headers. The headers which
  obviously need to be signed are any headers directly displayed to the
  user, i.e. Subject, From, To, Date and Sender. Additionally any headers
  affecting the display of the message should be included, i.e.
  Content-Type, Content-Transfer-Encoding, Content-Disposition and
  Mime-Version. And there are also headers which affect the future
  message flow or how this message is displayed in the context of others,
  i.e. Reply-To, In-Reply-To and References. It might also be useful to
  add the length of the body with the 'l' attribute as long as all
  headers which might affect the display of the message are included in
  the signature and oversigned.

which (alongside the words from RFC 6376) is why my simple s-dkim-sign
for postfix includes extended built-in lists covering all these.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org
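An added example (not code from this thread or from s-dkim-sign) of the RFC 6376 section 5.4.2 header-selection step in Python, showing what oversigning the headers quoted above buys: with each name listed once in h=, a second Content-Type prepended above the signed one leaves the header hash unchanged because the verifier takes the physically last instance, whereas the oversigned h= list binds the extra instance in and the hash changes. The sample header block, boundary values and the lists are constructed; only the header hash is computed, not the body hash or the signature.

```python
import hashlib
# Header set from the quoted advice: displayed, rendering and threading headers.
SIGNED_HEADERS = ["From", "To", "Subject", "Date", "Sender", "Content-Type",
                  "Content-Transfer-Encoding", "Content-Disposition",
                  "Mime-Version", "Reply-To", "In-Reply-To", "References"]
# Constructed sample header block, in top-to-bottom message order.
MESSAGE_HEADERS = [("From", "alice@example.com"), ("To", "bob@example.com"),
                   ("Subject", "Quarterly report"), ("Mime-Version", "1.0"),
                   ("Date", "Mon, 20 May 2024 10:00:00 +0000"),
                   ("Content-Type", 'multipart/mixed; boundary="orig"')]
def relaxed(name, value):
    # RFC 6376 relaxed canonicalization: lowercase name, unfold, collapse WSP.
    return name.lower() + ":" + " ".join(value.replace("\r\n", "").split()) + "\r\n"

def plain_h(headers, names):
    # h= list naming each present header once (no oversigning).
    present = {k.lower() for k, _ in headers}
    return [n for n in names if n.lower() in present]

def oversigned_h(headers, names):
    # h= list naming each header (occurrences + 1) times, so an instance added
    # later is bound into the hash too; names with no instance hash as nothing.
    out = []
    for n in names:
        count = sum(1 for k, _ in headers if k.lower() == n.lower())
        out.extend([n] * (count + 1))
    return out

def header_hash_input(headers, h_list):
    # RFC 6376 section 5.4.2: each name in h= consumes the last not-yet-used
    # instance of that header (bottom-up); a name with none left adds nothing.
    remaining, chunks = list(headers), []
    for n in h_list:
        for i in range(len(remaining) - 1, -1, -1):
            if remaining[i][0].lower() == n.lower():
                chunks.append(relaxed(*remaining.pop(i)))
                break
    return "".join(chunks)

def header_digest(headers, h_list):
    return hashlib.sha256(header_hash_input(headers, h_list).encode()).hexdigest()

def survives_prepend(extra):
    # Is the header hash unchanged after `extra` is prepended to the message?
    # Returns (with_plain_h, with_oversigned_h); True = still verifies.
    tampered = [extra] + MESSAGE_HEADERS
    p = plain_h(MESSAGE_HEADERS, SIGNED_HEADERS)
    o = oversigned_h(MESSAGE_HEADERS, SIGNED_HEADERS)
    return (header_digest(MESSAGE_HEADERS, p) == header_digest(tampered, p),
            header_digest(MESSAGE_HEADERS, o) == header_digest(tampered, o))
```

survives_prepend(("Content-Type", 'multipart/mixed; boundary="evil"')) returns (True, False): the once-listed h= still verifies over the altered header block, the oversigned one does not.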