On Jan 11, 2015, at 3:40 PM, Kevin A. McGrail <kmcgr...@pccc.com>
wrote:
I disagree as well. You can't cherry pick your quotes and you are
missing
the long-lived caveat as well as the next sentence: Verifiers MUST be
able
to validate signatures with keys ranging from 512 bits to 2048 bits
If it is 512 to 2048, I think the rfc is clear for recipients.
Gmail and a few others have decided to behave like if there was no
DKIM signature if the key <1024. Because today nearly anyone can crack
a 512bits DKIM key and just for a few dollars.
The only value of a DKIM signature is for a signer to prove
that some message originated from his domain. If some ignorant but
important signer choses a short signing key, it is risking that
recipients will ignore the signature and treat mail as unsigned,
and it is risking that someone could fake their mail. It's their
choice, and the risk is theirs too. By now, practically no important
sending domain is using keys shorter than 1024 bits.
Such mail signed with a short key may still carry a valid DKIM
signature. It would be inappropriate *not* to trigger a DKIM_VALID
rule, its score is almost zero. An entirely different question is
whether a recipient wants to trust such short key for whitelisting
or not.
The default DKIM-based whitelist as it comes with SpamAssassin
distribution (or with rule updates) does not contain any domain
that signs their mail with a short key (last time I checked).
So the original concern with this thread is weak.
If a local site decides to whitelist additional domain based
on their short DKIM signing key, its entirely their decision.
If whitelisting is really needed, it's probably still better
to whitelist based on a weak DKIM signature, then whitelist
based on some other weaker information (like a From address,
SPF with a too-wide set of allowed addresses, or guessing on
an IP address in a Received header field).
In my opinion it would be wrong to prevent a local site
administrator from doing that. The RFC only says the key must
be at least 1024 bits long. but does not tell a recipient
how to treat a message which breaks that requirement.
Franck Martin wrote:
spamassassin could add positive points if the key <1024
A message with a short but valid DKIM key is no worse than an
unsigned message. It would be wrong to assign score to short keys.
What may be useful is to update the DKIM plugin so that it disregards
signatures with a short key for whitelisting purposes. It may also
be useful to add additional rules (score zero) to indicate ranges
of a key size, which could then be used in meta rules when desired.
Mark