[jira] [Created] (JAMES-3016) Remote delivery modifies message breaking DKIM signature

Sat, 04 Jan 2020 15:21:09 -0800 

Sergey B. created JAMES-3016:
--------------------------------

             Summary: Remote delivery modifies message breaking DKIM signature
                 Key: JAMES-3016
                 URL: https://issues.apache.org/jira/browse/JAMES-3016
             Project: James Server
          Issue Type: Bug
    Affects Versions: 3.3.0
            Reporter: Sergey B.


Remote delivery modifies message and breaks its DKIM signature. This happens 
when Content-Type is 'text/plain; charset=UTF-8' and body contains non-ascii 
symbols.

Here is an example. This message was about to be sent.
{code:java}
Date: Sun, 22 Dec 2019 12:42:43 +0000 (GMT)
From: mysen...@example.com
To: myrecei...@example.org
Message-ID: <1071314998.134.1577018563940.JavaMail.root@19084506dd1d>
Subject: MySender email notification test
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
{code}
This is how it looked like at receiver side.
{code:java}
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
DKIM-Signature: a=rsa-sha256; b=DKIMSIGNATURE=; s=mail; c=relaxed/relaxed; 
d=example.com; v=1; bh=BHDATA=; 
h=Message-ID:Date:Subject:From:To:MIME-Version:Content-Type;
Date: Sun, 22 Dec 2019 12:42:43 +0000 (GMT)
From: mysen...@example.com
To: myrecei...@example.org
Message-ID: <1071314998.134.1577018563940.JavaMail.root@19084506dd1d>
Subject: MySender email notification test{code}
Mailet configuration is like this
{code:java}
<mailet match="All" class="org.apache.james.jdkim.mailets.ConvertTo7Bit"/>
<mailet match="All" class="org.apache.james.jdkim.mailets.DKIMSign">
 <signatureTemplate>v=1; s=mail; d=example.com; 
h=Message-ID:Date:Subject:From:To:MIME-Version:Content-Type; a=rsa-sha256; bh=; 
b=; c=relaxed/relaxed;</signatureTemplate>
 <forceCRLF>true</forceCRLF>
 <privateKey><![CDATA[
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
 ]]></privateKey>
</mailet>
<mailet match="All" class="RemoteDelivery">
 <sslEnable>false</sslEnable>
 <startTLS>false</startTLS>
</mailet>{code}
Adding property mail.smtp.allow8bitmime=false to configuration of 
RemoteDelivery mailet solves the problem effectively.

Disabling 8bit MIME extension, when DKIM signature is present, seems to be the 
right solution.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org

Reply via email to