On Mon, Aug 16, 2021 at 05:21:15PM +0800, Ken N <k...@linuxdeveloper.xyz> wrote:
> I was reading this blog posting:
> https://www.alexblackie.com/articles/email-authenticity-dkim-spf-dmarc/
>
> But I am confused about what content the DKIM signature should cover.
> The message body or headers? What headers should be signed?
>
> Thank you.

Hi Ken,

DKIM is defined in RFC 6376: https://tools.ietf.org/html/rfc6376 (Internet Standard)

DKIM signatures should include the entire body, and some headers. The RFC only requires that the From: header be included, but it lists some "common examples" of headers that get included (Section 5.4.1):

  From, Reply-To, Subject, Date, To, Cc, Resent-Date, Resent-From,
  Resent-To, Resent-Cc, In-Reply-To, References, List-Id, List-Help,
  List-Unsubscribe, List-Subscribe, List-Post, List-Owner, List-Archive

I think this is the default list used by OpenDKIM.

The RFC also suggests others such as:

  Content-*

But that's mainly if only some, but not all, of the body is signed. That's not recommended, but it's been known to happen.

In addition to that, it's a good idea to "oversign" some headers, which is a mechanism to make sure that nobody maliciously adds an additional instance of a signed header. Without oversigning, an extra instance of a header wouldn't invalidate a DKIM signature, but it might be visible to the recipient, and therefore be misleading. Oversigning makes sure that that won't happen without invalidating the DKIM signature and getting noticed.

Usually, the only header that is oversigned is:

  From

Because it's the most important. But there's one school of thought that says that all headers that are visible to the user should be oversigned, e.g.:

  From, To, Cc, Subject, Date

See here for that school of thought:

  Breaking DKIM - on Purpose and by Chance
  https://noxxi.de/research/breaking-dkim-on-purpose-and-by-chance.html

And see here for a counterargument:

  Breaking DKIM? Or simply misunderstanding how it works in practice
  https://www.valimail.com/blog/breaking-dkim-or-simply-misunderstanding-how-it-works-in-practice/

OpenDKIM at least always checks for multiple occurrences of any header that should only appear once. Perhaps all DKIM validators do that these days. Let's hope so.

Also bear in mind that SPF is fragile ("broken" by all mail forwarding and some mailing lists), DKIM is as well but less so (broken by some mailing lists), and DMARC is very fragile (broken by the above and when it decides that the above don't apply). And so they needed to invent another layer on top of it all: Authenticated Received Chain (ARC):

  https://tools.ietf.org/html/rfc8617 (Experimental)

I think at this stage, it's safe to say that it's getting out of hand. :-)

I suppose there's no problem in computer science that can't be solved by adding another layer of cryptographic indirection. :-)

cheers,
raf
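The header-selection and oversigning mechanism described in the reply above, as an added worked example that is not part of the original thread and not OpenDKIM's code. It implements the RFC 6376 relaxed header canonicalization (Section 3.4.2) and the bottom-up header selection rule (Section 5.4.2) over a constructed header block, and uses HMAC-SHA256 as a stand-in for the RSA signature so it runs offline; the sample headers, the injected header and the key are all constructed for the demo. It shows why an `h=` list that names `from` once lets a prepended second From: header pass verification, why naming it twice (oversigning) does not, and the validator-side duplicate-singleton check the reply attributes to OpenDKIM:

```python
import hashlib
import hmac
import re

# Constructed sample header block as (name, value) pairs, top to bottom.
ORIGINAL_HEADERS = [
    ("From", "Alice <alice@example.org>"),
    ("To", "Bob <bob@example.net>"),
    ("Subject", "Quarterly  report"),
    ("Date", "Mon, 16 Aug 2021 17:21:15 +0800"),
]

# Constructed header that an intermediary prepends to the block after signing.
INJECTED_HEADER = ("From", "Mallory <mallory@example.com>")

# Stand-in signing key: real DKIM uses RSA or Ed25519 with a DNS-published
# public key; HMAC keeps this demo self-contained.
SIGNING_KEY = b"demo-only-key"

# RFC 5322 Section 3.6 fields that may appear at most once per message.
SINGLETON_HEADERS = {
    "from", "sender", "reply-to", "to", "cc", "subject", "date",
    "message-id", "in-reply-to", "references",
}


def relaxed_canon(name, value):
    """RFC 6376 3.4.2 'relaxed' header canonicalization: lowercase the
    field name, unfold and collapse runs of whitespace, strip the ends."""
    value = re.sub(r"\s+", " ", value).strip()
    return f"{name.lower()}:{value}\r\n"


def select_headers(headers, h_list):
    """RFC 6376 5.4.2: for each name in h=, take the last not-yet-used
    instance of that header counting from the bottom of the block.
    A name with no instance left contributes an empty string; listing a
    name one more time than it occurs is exactly what 'oversigning' means,
    because any later-added instance then changes the hashed input."""
    used = [False] * len(headers)
    parts = []
    for wanted in h_list:
        for idx in range(len(headers) - 1, -1, -1):
            if not used[idx] and headers[idx][0].lower() == wanted.lower():
                used[idx] = True
                parts.append(relaxed_canon(*headers[idx]))
                break
        else:
            parts.append("")  # no instance left: hashes as empty
    return "".join(parts)


def sign_headers(headers, h_list, key=SIGNING_KEY):
    """Produce the header-hash signature for the given h= list."""
    data = select_headers(headers, h_list).encode("utf-8")
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_headers(headers, h_list, signature, key=SIGNING_KEY):
    """Recompute over the received block and compare in constant time."""
    return hmac.compare_digest(sign_headers(headers, h_list, key), signature)


def duplicated_singleton_headers(headers):
    """Validator-side sanity check: names of single-occurrence headers
    that appear more than once in the received block."""
    counts = {}
    for name, _ in headers:
        key = name.lower()
        counts[key] = counts.get(key, 0) + 1
    return sorted(n for n, c in counts.items() if n in SINGLETON_HEADERS and c > 1)


def demo():
    """Sign once without and once with oversigning, then prepend a second
    From: header and check what each verifier sees."""
    plain = ["from", "to", "subject", "date"]
    oversigned = ["from", "from", "to", "subject", "date"]
    sig_plain = sign_headers(ORIGINAL_HEADERS, plain)
    sig_over = sign_headers(ORIGINAL_HEADERS, oversigned)
    tampered = [INJECTED_HEADER] + ORIGINAL_HEADERS
    return {
        # bottom-up selection still picks the original From:, so this passes
        "plain_still_verifies": verify_headers(tampered, plain, sig_plain),
        # the second 'from' slot was empty at signing and is now filled
        "oversigned_still_verifies": verify_headers(tampered, oversigned, sig_over),
        # independent of signatures, the duplicate singleton is visible
        "duplicates_flagged": duplicated_singleton_headers(tampered),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the block prints that the non-oversigned signature still verifies over the tampered block, the oversigned one fails, and the duplicate check reports `['from']`; the `h=` tag a real signer would emit for the oversigned case is simply `h=from:from:to:subject:date`.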