[Mimedefang] Mimedefang breaks DKIM signing of single-part, plain text emails
Kevin A. McGrail
KMcGrail at PCCC.com
Thu Jan 22 12:38:53 EST 2015
On 1/15/2015 2:55 PM, David F. Skoll wrote:
> On Thu, 15 Jan 2015 10:41:14 -0700
> Peter Nagel <pbnagel at rmi.net> wrote:
>
> [Some very good comments]
>
> Yes, I can see how MIMEDefang misbehaves if you're trying to sign
> something. I'll definitely look at fixing the behaviour.
We've been experimenting with making sure DKIM verification is working
so we've added a verification loop to test all of the DKIM signed
messages to see if we can identify any edge cases that are failing.
To do this, we added an add_recipient call to our DKIM routine for
signature. Perhaps some others might like to do the same so we can
identify more edge cases.
We then run the emails through a small script that uses
Mail::DKIM::Verifier to check the signature using procmail. Here's call
to the script using procmail:
# RUN MESSAGES NOT DIRECTLY TO DKIM_CHECK THROUGH THE SCRIPT
:0 fw
* !^(To|Cc|Bcc|From): check_the_dkim at pccc.com.*
| perl /usr/local/check_the_dkim.pl
# DISCARD ANY MESSAGES THAT SAY DISCARD FROM THE SCRIPT
:0:
* ^X-Status: D.*
/dev/null
And here's the small script:
#Written by PCCC to test edge cases of DKIM signing
#Released to Public Domain
use Mail::DKIM::Verifier;
our ($original_message);
&main();
sub main {
my ($message, $result);
$result = &get_result();
if (uc($result) ne 'PASS') {
$message .= "A message signed by mimedefang has failed the DKIM
verification.<br><br>";
$message .= "<b>Result:</b> $result<br><br>";
$message .= "<b>Original Message:</b><br><br>";
$message .= "<pre>$original_message</pre>";
# email message here
# keep email in inbox for inspection
print $original_message;
} else {
my $printed_delete = 0;
# ADD X-Status: D TO MARK EMAIL DELETED
foreach my $line (split("\n", $original_message)) {
if ($printed_delete < 1 and $line =~ /^$/) {
print "X-Status: D\n";
$printed_delete++;
}
print $line."\n";
}
}
# KEEP EMAIL IN INBOX FOR CHECKING LATER
exit 0;
}
# USE THE VERIFIER TO CHECK THE DKIM SIGNATURE
sub get_result {
my ($FORM, %params) = @_;
my ($result, $dkim);
# create a verifier object
$dkim = Mail::DKIM::Verifier->new();
while (<STDIN>)
{
# keep original message to be saved later
$original_message .= $_;
# remove local line terminators
chomp;
s/\015$//;
# use SMTP line terminators
$dkim->PRINT("$_\015\012");
}
$dkim->CLOSE;
# what is the result of the verify?
$result = $dkim->result_detail;
return $result;
}
Regards,
KAM
More information about the MIMEDefang
mailing list