Good point. Due to DMARC these issues will be more apparent. We will revisit our encoding and canocalization guidelines.
Thanks, Maarten > On 12 Dec 2016, at 21:23, Steve Atkins <st...@blighty.com> wrote: > >> >> On Dec 12, 2016, at 12:15 PM, Maarten Oelering <maar...@postmastery.net >> <mailto:maar...@postmastery.net>> wrote: >> >> DKIMCore promotes the use of simple body canocalization: >> http://dkimcore.org/deployment/dkim.html >> <http://dkimcore.org/deployment/dkim.html>. > > Something that might not be the most robust configuration, given Microsoft's > whitespace issues, though at the time it was written the failure modes in the > body of the message tended to be more spectacular than relaxed > canonicalization would help with. > > (And the author contradicts himself in todays blog post: > https://wordtothewise.com/2016/12/dkim-canonicalization-or-why-microsoft-breaks-your-mail/ > > <https://wordtothewise.com/2016/12/dkim-canonicalization-or-why-microsoft-breaks-your-mail/> > ) > >> >> Should ESPs use relaxed body canocalization instead to avoid these (rare) >> validation issues? > > Yes. They should also probably: > > o Not use tabs for whitespace. > > o Use email addresses of the form "friendly address" <local@domain> > > o Avoid lines longer than 80 characters > > o Use quoted-printable for all body text > > o ... > > None of this is particularly important when the only fallout of a DKIM > validation failure is "meh, it's email". DKIM is fragile in transit, we know > that. > > It goes wrong when people also deploy DMARC with p=reject, which repurposes > DKIM and SPF to make negative rather than positive assertions, so actually > fails when both DKIM and SPF fail to validate. So we have to care more now. > > Cheers, > Steve
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
