Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
I used to get this error message no matter what email address I typed in : --cut-- Password request failed The automatic login and password service failed; manual intervention is needed. Please send a mail to webmas...@tools.ietf.org and explain the situation for further assistance. --cut-- Gave it another try just now, and my Gmail address was accepted :-) /Henrik On Thu, Sep 18, 2014 at 1:39 PM, Roland Turner wrote: > On 09/18/2014 07:30 PM, Stephen J. Turnbull wrote: > > I was referring to >> >> http://trac.tools.ietf.org/wg/dmarc/trac/wiki/MilestoneOneWiki >> >> > I had no trouble working through the automated sign-up. What trouble > (error message?) are you having with your email address(es)? > > - Roland > > > ___ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > -- Mvh/Best regards Henrik Schack ICQ: 889295 http://henrik.schack.dk/ http://links.schack.dk/ ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
On 09/18/2014 07:30 PM, Stephen J. Turnbull wrote: I was referring to http://trac.tools.ietf.org/wg/dmarc/trac/wiki/MilestoneOneWiki I had no trouble working through the automated sign-up. What trouble (error message?) are you having with your email address(es)? - Roland ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
John Levine writes: > If you're referring to the ASRG wiki, the person responsible for it is > me. I am unaware of any signup problems, and there are multiple > people contributing to it. I'm not sure what ASRG refers to, perhaps http://wiki.asrg.sp.am/? I was referring to http://trac.tools.ietf.org/wg/dmarc/trac/wiki/MilestoneOneWiki Sorry for not providing the URL in the first place. ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
I've added an indirect mail flow page to the ASRG wiki. If you don't have a password to log in and edit, write to me and I'll give you one. >> >IMO, the place to record the inventory is the wiki. Mailing lists are >> >not a good place to keep such records. >> I would love to add it to the Wiki, unfortunately the Wiki signup features >> seems to be broken, wont accept any of my email addresses. >> >And the person responsible does not respond when asking for help. If you're referring to the ASRG wiki, the person responsible for it is me. I am unaware of any signup problems, and there are multiple people contributing to it. Feel free to contact me directly for help. R's, John ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
On Wed, Sep 17, 2014 at 10:33 PM, Henrik Schack wrote: > > >it's nice to see how many respondents in this thread gave all sorts of >> advise to Henrik how to deal with a problem, which basically cannot solved >> by him because it is caused by some 3rd party (modifying the body of a mail >> for adv. purposes). >> > >> >I interpreted Henrik's mail as a followup to the thread that John Kelly >> started, titled 'Indirect mail flows'. In my view both John and Henrik >> tried to make (a start of) an inventory of all sorts of real-life >> situations that potentially can break DKIM signatures or more in general: >> cause DMARC failures for legitimate mail flows where sending DMARC >policy >> is p=reject. > > IMO, DMARC and the policy assertions made thereby is entirely beside the point here - does nobody care that mail authentication signatures (DKIM in other words) is being willfully damaged by clueless vendors? Invalid DKIM signatures may not be a "negative" reputation factor, but they certainly aren't a positive one either. . ."would all interested volunteers please step forward" :-) --Kurt ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
> > > >IMO, the place to record the inventory is the wiki. Mailing lists are > >not a good place to keep such records. > I would love to add it to the Wiki, unfortunately the Wiki signup features > seems to be broken, wont accept any of my email addresses. > And the person responsible does not respond when asking for help. /Henrik ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
> > >it's nice to see how many respondents in this thread gave all sorts of > advise to Henrik how to deal with a problem, which basically cannot solved > by him because it is caused by some 3rd party (modifying the body of a mail > for adv. purposes). > > > >I interpreted Henrik's mail as a followup to the thread that John Kelly > started, titled 'Indirect mail flows'. In my view both John and Henrik > tried to make (a start of) an inventory of all sorts of real-life > situations that potentially can break DKIM signatures or more in general: > cause DMARC failures for legitimate mail flows where sending DMARC >policy > is p=reject. > > That's right, that was my original intention. /Henrik ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
Rolf E. Sonneveld writes: > started, titled 'Indirect mail flows'. In my view both John and Henrik > tried to make (a start of) an inventory of all sorts of real-life > situations that potentially can break DKIM signatures or more in > general: cause DMARC failures for legitimate mail flows where sending > DMARC policy is p=reject. IMO, the place to record the inventory is the wiki. Mailing lists are not a good place to keep such records. > And before starting the discussion about possible solutions it may be > better to first 'complete' [1] this inventory. The suggested solutions, if they can be implemented without standardizing additional protocols, are useful fodder for the proposed BCP, which I think is on-topic at the moment. I suppose they might also be added to the wiki on a separate page or as footnotes, or something. So the discussions are useful IMO. I hope Somebody[tm] is adding such ideas to the wiki. One of these days[tm] I'll do a run through the list archives for that purpose, but I don't claim a patent on that idea! Steve ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
I recall during a few decades ago when there was stripping wars among mail packages which began to add/strip/replace the other guys tag/tear/brag lines and vice-versa. The MUA (mail reader/writer) had the ultimate last say on the matter. So a server side script to process the mail after the AV processor has touched it could do the same thing (strip the AV brag line). Of course, this would start Stripping Wars II. Of course the right way is to check the local country electronic mail tampering laws and send a letter to their chief council about tampering with mail. Since they are not the copyright owner of the message, they could be violating copyright and mail tampering laws by changing the display and security integrity of the message. This could provide legal argument for the STRIPPING ACTION (because they never own the mail in the first place). -- HLS On 9/15/2014 8:59 PM, Terry Zink wrote: I'm not saying I agree that an A/V company is right to put their tagline into the message, especially if it breaks DKIM. If I owned an A/V company, I wouldn't do it [1]. However, I understand why A/V companies would do it - it (presumably) helps drive revenue because it increases visibility in a way that putting it into a header does not. -- Terry [1] This is easy for me to say because I don't own an A/V company and my revenue stream does not depend on it. -Original Message- From: Dave Crocker [mailto:d...@dcrocker.net] Sent: Monday, September 15, 2014 5:27 PM To: Terry Zink; Murray S. Kucherawy Cc: dmarc@ietf.org; John Levine; hen...@schack.dk Subject: Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider On 9/15/2014 5:26 PM, Terry Zink wrote: Having the "Virus scanned by xxx" ***in a header*** defeats the purpose of advertising since most clients won't display it. A/V filters put those taglines in there to advertise, not just to tell the mail client that their mail has been scanned. And having it displayed achieves what demonstrable benefit? Actual and measured, not theoretical and based on guesswork? d/ ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
All, On 09/15/2014 07:39 PM, Henrik Schack wrote: In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider breaking DKIM signatures. They break DKIM signatures on incoming email by adding a "Virus scanned by " line to the body of the email. Not sure how to fix this, but perhaps some day they'll get tired of my bi-monthly calls and emails complaining about how they do things. it's nice to see how many respondents in this thread gave all sorts of advise to Henrik how to deal with a problem, which basically cannot solved by him because it is caused by some 3rd party (modifying the body of a mail for adv. purposes). I interpreted Henrik's mail as a followup to the thread that John Kelly started, titled 'Indirect mail flows'. In my view both John and Henrik tried to make (a start of) an inventory of all sorts of real-life situations that potentially can break DKIM signatures or more in general: cause DMARC failures for legitimate mail flows where sending DMARC policy is p=reject. And before starting the discussion about possible solutions it may be better to first 'complete' [1] this inventory. /rolf [1] the inventory will never be 100% complete, of course. ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
Murray S. Kucherawy writes: > better yet, do DKIM verification prior to AV processing. This looks like the best bet to me. Especially if the AV processor charges by the message: perhaps you can reject or approve before submitting to the AV. ;-) ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
On 09/16/2014 11:42 AM, Dave Crocker wrote: On 9/15/2014 7:00 PM, Roland Turner wrote: As I understand it, most advertisers maintain a "nuclear ambiguity" about the effectiveness of their activities, making measurements rather difficult to obtain. Every presentation I've seen from usability (human factors, UX, ...) specialist has said the objective research shows very, very poor efficacy. Indirect evidence abounds (we can reasonably infer from CPM pricing that even context-relevant display ads have a value that approaches zero, let alone those that are out of context as in this case), but that isn't what you asked. - Roland ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
On 9/15/2014 7:00 PM, Roland Turner wrote: > As I understand it, most advertisers maintain a "nuclear ambiguity" > about the effectiveness of their activities, making measurements rather > difficult to obtain. Every presentation I've seen from usability (human factors, UX, ...) specialist has said the objective research shows very, very poor efficacy. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
On 09/16/2014 08:27 AM, Dave Crocker wrote: On 9/15/2014 5:26 PM, Terry Zink wrote: Having the "Virus scanned by xxx" ***in a header*** defeats the purpose of advertising since most clients won’t display it. A/V filters put those taglines in there to advertise, not just to tell the mail client that their mail has been scanned. And having it displayed achieves what demonstrable benefit? Actual and measured, not theoretical and based on guesswork? As I understand it, most advertisers maintain a "nuclear ambiguity" about the effectiveness of their activities, making measurements rather difficult to obtain. - Roland ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
I'm not saying I agree that an A/V company is right to put their tagline into the message, especially if it breaks DKIM. If I owned an A/V company, I wouldn't do it [1]. However, I understand why A/V companies would do it - it (presumably) helps drive revenue because it increases visibility in a way that putting it into a header does not. -- Terry [1] This is easy for me to say because I don't own an A/V company and my revenue stream does not depend on it. -Original Message- From: Dave Crocker [mailto:d...@dcrocker.net] Sent: Monday, September 15, 2014 5:27 PM To: Terry Zink; Murray S. Kucherawy Cc: dmarc@ietf.org; John Levine; hen...@schack.dk Subject: Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider On 9/15/2014 5:26 PM, Terry Zink wrote: > Having the "Virus scanned by xxx" ***in a header*** defeats the purpose > of advertising since most clients won't display it. A/V filters put > those taglines in there to advertise, not just to tell the mail client > that their mail has been scanned. And having it displayed achieves what demonstrable benefit? Actual and measured, not theoretical and based on guesswork? d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
On 9/15/2014 5:26 PM, Terry Zink wrote: > Having the "Virus scanned by xxx" ***in a header*** defeats the purpose > of advertising since most clients won’t display it. A/V filters put > those taglines in there to advertise, not just to tell the mail client > that their mail has been scanned. And having it displayed achieves what demonstrable benefit? Actual and measured, not theoretical and based on guesswork? d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
Er, what I meant was this: Having the "Virus scanned by xxx" ***in a header*** defeats the purpose of advertising since most clients won’t display it. A/V filters put those taglines in there to advertise, not just to tell the mail client that their mail has been scanned. -- Terry From: Murray S. Kucherawy [mailto:superu...@gmail.com] Sent: Monday, September 15, 2014 5:21 PM To: Terry Zink Cc: John Levine; dmarc@ietf.org; hen...@schack.dk Subject: Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider How will most mail clients know not to display it if it's made part of the body? On Mon, Sep 15, 2014 at 4:39 PM, Terry Zink mailto:tz...@exchange.microsoft.com>> wrote: Having the "Virus scanned by xxx" defeats the purpose of advertising because most mail clients won't display it, and the point of adding this to the body is so that other people can see it. I think Murray's earlier suggestion to perform the DKIM check before A/V filtering is the best option. -- Terry -Original Message- From: dmarc [mailto:dmarc-boun...@ietf.org<mailto:dmarc-boun...@ietf.org>] On Behalf Of John Levine Sent: Monday, September 15, 2014 2:16 PM To: dmarc@ietf.org<mailto:dmarc@ietf.org> Cc: hen...@schack.dk<mailto:hen...@schack.dk> Subject: Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider In article mailto:t00p...@mail.gmail.com>> you write: >-=-=-=-=-=- >-=-=-=-=-=- > >In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider >breaking DKIM signatures. >They break DKIM signatures on incoming email by adding a "Virus scanned by >" line to the body of the email. > >Not sure how to fix this, but perhaps some day they'll get tired of my >bi-monthly calls and emails complaining about how they do things. As other people have said, put the advertisement in a header, not in the body. R's, John -- This message is infected with annoying ads because it has been scanned by Avast! anti-virus. ___ dmarc mailing list dmarc@ietf.org<mailto:dmarc@ietf.org> https://www.ietf.org/mailman/listinfo/dmarc ___ dmarc mailing list dmarc@ietf.org<mailto:dmarc@ietf.org> https://www.ietf.org/mailman/listinfo/dmarc ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
How will most mail clients know not to display it if it's made part of the body? On Mon, Sep 15, 2014 at 4:39 PM, Terry Zink wrote: > Having the "Virus scanned by xxx" defeats the purpose of advertising > because most mail clients won't display it, and the point of adding this to > the body is so that other people can see it. I think Murray's earlier > suggestion to perform the DKIM check before A/V filtering is the best > option. > > -- Terry > > -Original Message- > From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of John Levine > Sent: Monday, September 15, 2014 2:16 PM > To: dmarc@ietf.org > Cc: hen...@schack.dk > Subject: Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by > cloud anti-virus/spam provider > > In article t00p...@mail.gmail.com> you write: > >-=-=-=-=-=- > >-=-=-=-=-=- > > > >In Denmark we have a somewhat large (10K+ domains) anti-virus/spam > provider > >breaking DKIM signatures. > >They break DKIM signatures on incoming email by adding a "Virus scanned by > >" line to the body of the email. > > > >Not sure how to fix this, but perhaps some day they'll get tired of my > >bi-monthly calls and emails complaining about how they do things. > > As other people have said, put the advertisement in a header, not in the > body. > > R's, > John > -- > This message is infected with annoying ads because it has been scanned by > Avast! anti-virus. > > ___ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > > ___ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
Having the "Virus scanned by xxx" defeats the purpose of advertising because most mail clients won't display it, and the point of adding this to the body is so that other people can see it. I think Murray's earlier suggestion to perform the DKIM check before A/V filtering is the best option. -- Terry -Original Message- From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of John Levine Sent: Monday, September 15, 2014 2:16 PM To: dmarc@ietf.org Cc: hen...@schack.dk Subject: Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider In article you write: >-=-=-=-=-=- >-=-=-=-=-=- > >In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider >breaking DKIM signatures. >They break DKIM signatures on incoming email by adding a "Virus scanned by >" line to the body of the email. > >Not sure how to fix this, but perhaps some day they'll get tired of my >bi-monthly calls and emails complaining about how they do things. As other people have said, put the advertisement in a header, not in the body. R's, John -- This message is infected with annoying ads because it has been scanned by Avast! anti-virus. ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
In article you write: >-=-=-=-=-=- >-=-=-=-=-=- > >In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider >breaking DKIM signatures. >They break DKIM signatures on incoming email by adding a "Virus scanned by >" line to the body of the email. > >Not sure how to fix this, but perhaps some day they'll get tired of my >bi-monthly calls and emails complaining about how they do things. As other people have said, put the advertisement in a header, not in the body. R's, John -- This message is infected with annoying ads because it has been scanned by Avast! anti-virus. ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
On 2014-09-15 10:39, Henrik Schack wrote: In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider breaking DKIM signatures. They break DKIM signatures on incoming email by adding a "Virus scanned by " line to the body of the email. Not sure how to fix this, but perhaps some day they'll get tired of my bi-monthly calls and emails complaining about how they do things. I doubt your calls are nearly as annoying as they value they receive from the free advertising -- It's not just "Put your name in front of someone" advertising, it's a defacto endorsement, it's a "My friend/colleague/whatever uses This Product, so maybe I should too?" I look at them like I look at people that leave their mobile mail client's default signature, I assume they don't know any better, but I don't expect companies to ever stop trying to get free advertising in this way. -- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
Though I would never put such a thing in a standards document, OpenDKIM does have the capability to rewrite arriving header fields prior to signing/verifying to overcome things like this. Your ESP's verifier could be trained to ignore the added line prior to verifying, or better yet, do DKIM verification prior to AV processing. -MSK On Mon, Sep 15, 2014 at 12:31 PM, Henrik Schack wrote: > No it's not at all a free service. But they advertise anyway :-( > Br > Henrik > > On Mon, Sep 15, 2014 at 9:28 PM, Franck Martin > wrote: > >> >> On Sep 15, 2014, at 7:39 PM, Henrik Schack >> wrote: >> >> > In Denmark we have a somewhat large (10K+ domains) anti-virus/spam >> provider breaking DKIM signatures. >> > They break DKIM signatures on incoming email by adding a "Virus scanned >> by " line to the body of the email. >> > >> > Not sure how to fix this, but perhaps some day they'll get tired of my >> bi-monthly calls and emails complaining about how they do things. >> > >> >> >> Is this a free service that they have to advertise themselves in the body >> of the email? If you pay for the service, may be you don’t want to get any >> advertisement? >> >> ___ >> dmarc mailing list >> dmarc@ietf.org >> https://www.ietf.org/mailman/listinfo/dmarc >> >> > > > -- > Mvh/Best regards > Henrik Schack > ICQ: 889295 > http://henrik.schack.dk/ > http://links.schack.dk/ > > ___ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > > ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
No it's not at all a free service. But they advertise anyway :-( Br Henrik On Mon, Sep 15, 2014 at 9:28 PM, Franck Martin wrote: > > On Sep 15, 2014, at 7:39 PM, Henrik Schack > wrote: > > > In Denmark we have a somewhat large (10K+ domains) anti-virus/spam > provider breaking DKIM signatures. > > They break DKIM signatures on incoming email by adding a "Virus scanned > by " line to the body of the email. > > > > Not sure how to fix this, but perhaps some day they'll get tired of my > bi-monthly calls and emails complaining about how they do things. > > > > > Is this a free service that they have to advertise themselves in the body > of the email? If you pay for the service, may be you don’t want to get any > advertisement? > > ___ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > > -- Mvh/Best regards Henrik Schack ICQ: 889295 http://henrik.schack.dk/ http://links.schack.dk/ ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
On Sep 15, 2014, at 7:39 PM, Henrik Schack wrote: > In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider > breaking DKIM signatures. > They break DKIM signatures on incoming email by adding a "Virus scanned by > " line to the body of the email. > > Not sure how to fix this, but perhaps some day they'll get tired of my > bi-monthly calls and emails complaining about how they do things. > Is this a free service that they have to advertise themselves in the body of the email? If you pay for the service, may be you don’t want to get any advertisement? signature.asc Description: Message signed with OpenPGP using GPGMail ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
In this case it's not a header, but a line added to the body of the email Br Henrik Schack On Sep 15, 2014 8:51 PM, "Tomki" wrote: > Henrik, > I think that the fact of virus scanning is more commonly just another > header in the message, which would not break a properly created > DKIM-Signature. > For example your message (via the list) got to me with extra headers such > as: X-IronPort-AV, X-IronPort-AS > > Perhaps that example from another major scanning system would help. > > --Tomki > > > > On 9/15/14 10:39, Henrik Schack wrote: > > In Denmark we have a somewhat large (10K+ domains) anti-virus/spam > provider breaking DKIM signatures. > They break DKIM signatures on incoming email by adding a "Virus scanned by > " line to the body of the email. > > Not sure how to fix this, but perhaps some day they'll get tired of my > bi-monthly calls and emails complaining about how they do things. > > > -- > Mvh/Best regards > Henrik Schack > http://henrik.schack.dk/ > > > > ___ > dmarc mailing listdmarc@ietf.orghttps://www.ietf.org/mailman/listinfo/dmarc > > > > ___ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > > ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
Henrik, I think that the fact of virus scanning is more commonly just another header in the message, which would not break a properly created DKIM-Signature. For example your message (via the list) got to me with extra headers such as: X-IronPort-AV, X-IronPort-AS Perhaps that example from another major scanning system would help. --Tomki On 9/15/14 10:39, Henrik Schack wrote: In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider breaking DKIM signatures. They break DKIM signatures on incoming email by adding a "Virus scanned by " line to the body of the email. Not sure how to fix this, but perhaps some day they'll get tired of my bi-monthly calls and emails complaining about how they do things. -- Mvh/Best regards Henrik Schack http://henrik.schack.dk/ ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc