Ian Eiloart wrote: > Hector Santos <hsan...@isdg.net> wrote:
>> DKIM signed Double From ----> Accepted, Resigned by mipassoc.org > Yes, we saw that. >> >> No Signature, Double From ---> Trapped/rejected by mipassoc.org > > Really? You tested this? I assumed the message was accepted because it > contained a From: header belonging to a list member. Not because it was > signed. The list checks the 5321.Mail From address (return path), not the 5322.From. Yes, tested twice. I got a bounce back from the list saying it was waiting moderator approval and it gave me the opportunity to click a URL to cancel the submission. GMAIL imports it the spam box as a "NO SUBJECT" message because it stripped all headers and recreates its own. You will find this common with many MTA that use a "Valid 822 or 2822/5322" detector. Let me try it again... Yup. I created a 5322 message with two 5322.From and no signature: ------------------------------ ENV-FROM: <hsan...@isdg.net> ENV-TO: <ietf-dkim@mipassoc.org> ENV-DATA: From: President Obama <ob...@whitehouse.gov> Message-ID: <4caa540b.5050605xxxaxds...@isdg.net> Date: Mon, 12 Oct 2010 12:24:11 -0400 From: Hector Santos <hsan...@isdg.net> Subject: Non-signed, double from User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: ietf-dkim@mipassoc.org Non-signed, double from -- HLS ------------------------------ When I put that message in the router outbound spool, the MTA routed it to mipassoc.org and this is the list approval message I just received: ------------------------------ Received: by winserver.com (Wildcat! SMTP Router v6.3.453.5) for hsan...@isdg.net; Tue, 12 Oct 2010 12:45:33 -0400 Authentication-Results: dkim.winserver.com; dkim=pass header.i=mipassoc.org header.d=mipassoc.org header.s=k00001; adsp=none author.d=mipassoc.org signer.d=mipassoc.org; Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by winserver.com (Wildcat! SMTP v6.3.453.5) with ESMTP id 1159772343; Tue, 12 Oct 2010 12:45:29 -0400 Received: from sbh17.songbird.com (sbh17.songbird.com [127.0.0.1]) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id o9CGk3pR011186 for <hsan...@isdg.net>; Tue, 12 Oct 2010 09:46:08 -0700 DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=mipassoc.org; s=k00001; t=1286901968; bh=GkF+Zni/AmU95QUngEpyvADEq+U=; h=MIME-Version:Content-Type:Content-Transfer-Encoding:Subject: From:To:Message-ID:Date:List-Id:Sender; b=TF05IDrPNZZkxMxywTFfz8O/w3Hmr/cE42u5jEXBHMX EYrWHRYjdfdVipu0RZ4kvY8vYtkbsZLHvtqtXdi2cgu16xWxuwltYn/+MmPmEufyu47 GtNzERKTf0Tbp+4Hm8EmjayZI3pP0tlkDrZ+cSkfxwwKOm7EBvF+9xrPlmB1k= MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Your message to ietf-dkim awaits moderator approval From: ietf-dkim-boun...@mipassoc.org To: hsan...@isdg.net Message-ID: <mailman.2971.1286901961.2420.ietf-d...@mipassoc.org> Date: Tue, 12 Oct 2010 09:46:01 -0700 Precedence: bulk X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.9 List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org> X-List-Administrivia: yes Sender: ietf-dkim-boun...@mipassoc.org Errors-To: ietf-dkim-boun...@mipassoc.org X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0 (sbh17.songbird.com [127.0.0.1]); Tue, 12 Oct 2010 09:46:08 -0700 (PDT) Your mail to 'ietf-dkim' with the subject (no subject) Is being held until the list moderator can review it for approval. The reason it is being held: Message has implicit destination Either the message will get posted to the list, or you will receive notification of the moderator's decision. If you would like to cancel this posting, please visit the following URL: http://mipassoc.org/mailman/confirm/ietf-dkim/c3ab82450dcdff2c7e15dcfc1748c57f69c4e956 ------------------------------ So this is to show you that it isn't about a receiving MTA not being compliant with RFC 5322, it is about a DKIM loophole. Thats not to say any component in the integrated mail network is not responsible for RFC5322 checking, but DKIM can not expect everyone to do it right, thus it needs to check for itself. -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html