On 5. nov. 2009, at 20.38, Shad L. Lords wrote:
Johan Almqvist wrote:
Are you sure you're not confusing this with SpamAssassin expecting
'From_' lines in /var/spool/mail-format mailboxes (see RFC-976)?
That is what I'm referring to. And I think I was confused on the
plugin as well. Now that I think about it I think it was clamav
plugin. If it didn't receive the From_ header first then it didn't
process it as a mail message and pull the attachments apart
correctly. If it didn't pull it apart correctly then it would
detect the virus that was attached.
Uh. That's a bug, not a feature.
For example, the message I am replying to (your message) had 16
other headers before the From: line in it. Two of them were between
the DKIM signature and the From: header....
Right and if you look at the h= part of my dkim sig then if any MTA
inserted/changed any of the listed headers below that DKIM line then
the sig would fail.
Hmm.
Your h= part looks like this: h=received:from:subject:date:message-id
There is an issue here when posting to a mailing list: ezmlm will
remove *your* Received: line (the one you signed) regardless of where
in the header it is.
So the signature will be invalid. I'm not sure Received: headers are
good candidates for signing.
Mailing list managers shouldn't munge Subject: - but they might...
-Johan
