Debian Bug report logs - #500967
dkim-filter: Should allow configuring DKIM on a per-recipient basis

version graph

Package: dkim-filter; Maintainer for dkim-filter is Mike Markley <mike@markley.org>;

Reported by: Russell Coker <russell@coker.com.au>

Date: Fri, 3 Oct 2008 01:54:01 UTC

Severity: wishlist

Found in version dkim-milter/2.6.0.dfsg-1

Fixed in version 2.8.2.dfsg-1.1+rm

Done: Debian FTP Masters <ftpmaster@ftp-master.debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Mike Markley <mike@markley.org>:
Bug#500967; Package dkim-filter. (Fri, 03 Oct 2008 01:54:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Russell Coker <russell@coker.com.au>:
New Bug report received and forwarded. Copy sent to Mike Markley <mike@markley.org>. (Fri, 03 Oct 2008 01:54:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Russell Coker <russell@coker.com.au>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: dkim-filter: Should allow configuring DKIM on a per-recipient basis
Date: Fri, 03 Oct 2008 11:51:13 +1000
Package: dkim-filter
Version: 2.6.0.dfsg-1
Severity: important

I tag this bug as important because some people are prevented from using
DKIM due to the configuration of some list servers that are important to
them (such as lists.debian.org).

The DKIM milter should support the use of the length field based on the
recipient address.  Any mail sent to an address matching @lists\. should
have the length field used by default.  The list server will either strip
the DKIM field (as the version of Mailman in Lenny does) in which case it
doesn't matter what you do, or it will send the mail through with no
changes (as the lists.debian.org server does) in which case any
subscriber who performs DKIM checks will regard the mail as invalid if
it does not use the length feature.

The length field can be used for all mail to avoid this problem, but
then you get the same issue if the mail server prepends [listname] to
the Subject line.  To resolve this the DKIM milter needs to support a
list of recipient addresses for which no DKIM headers will be used.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500965
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500966

Ideally the list server would fix this.  I've filed the above two bug
reports against lists.debian.org and I expect that if nothing else a
routine upgrade after Lenny will resolve it.  But we should expect that
there will be significant numbers of mail servers out there that won't
be upgraded for years.




Severity set to `wishlist' from `important' Request was from Mike Markley <mike@markley.org> to control@bugs.debian.org. (Mon, 26 Jan 2009 00:03:03 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#500967; Package dkim-filter. (Mon, 26 Jan 2009 00:21:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Mike Markley <mike@markley.org>:
Extra info received and forwarded to list. (Mon, 26 Jan 2009 00:21:02 GMT) Full text and rfc822 format available.

Message #12 received at 500967@bugs.debian.org (full text, mbox):

From: Mike Markley <mike@markley.org>
To: 500967@bugs.debian.org
Subject: Further thoughts on feature request
Date: Sun, 25 Jan 2009 16:20:36 -0800
I've changed the severity of this to wishlist because, IMO, that's
precisely what it is.

I understand and don't necessarily disagree with these suggestions; to
that end, I have opened a SourceForge RFE.

With that said, I'm not entirely convinced that dkim-filter is the place
to solve these issues. Off the top of my head, using the l= tag to work
around listserv munging breaks if any multipart/alternative components
of a list message are not text/plain, for example.

In the meantime, while the listservs of the world are updated to
properly support re-signing messages (which I agree will not happen
overnight), the proposed ADSP extension does give you, as a sender, some
input into this (all vs. discardable; see
http://tools.ietf.org/html/draft-ietf-dkim-ssp-08#section-4.2.1).

-- 
Mike Markley <mike@markley.org>




Information forwarded to debian-bugs-dist@lists.debian.org, Mike Markley <mike@markley.org>:
Bug#500967; Package dkim-filter. (Wed, 28 Jan 2009 00:12:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Scott Kitterman <scott@kitterman.com>:
Extra info received and forwarded to list. Copy sent to Mike Markley <mike@markley.org>. (Wed, 28 Jan 2009 00:12:02 GMT) Full text and rfc822 format available.

Message #17 received at 500967@bugs.debian.org (full text, mbox):

From: Scott Kitterman <scott@kitterman.com>
To: 500967@bugs.debian.org
Subject: l= is not a generally useful option
Date: Tue, 27 Jan 2009 19:07:28 -0500
During the IETF working group there was a pretty solid consensus the l= was 
not generally a good idea (not quite enough to get it removed from the 
spec).  The problem with it is that it defeats one of the basic functions 
of DKIM, to give assurance that you are receiving what was sent.

The fact that modification of a message causes verification to fail is a 
feature and not a bug.

Taking a negative action on an unsigned or broken signature message in the 
absence of an appropriate ADSP policy is mistaken.

A DKIM signature gives you a reliable identifier to feed into your 
reputation system (e.g. policy banks in amavisd-new).  Absence of a 
signature just means don't feed it to the reputation system.

I think this request is miguided.

Scott K




Reply sent to Debian FTP Masters <ftpmaster@ftp-master.debian.org>:
You have taken responsibility. (Wed, 11 Jul 2012 09:15:20 GMT) Full text and rfc822 format available.

Notification sent to Russell Coker <russell@coker.com.au>:
Bug acknowledged by developer. (Wed, 11 Jul 2012 09:15:21 GMT) Full text and rfc822 format available.

Message #22 received at 500967-done@bugs.debian.org (full text, mbox):

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: 472887-done@bugs.debian.org,499363-done@bugs.debian.org,499364-done@bugs.debian.org,500967-done@bugs.debian.org,501526-done@bugs.debian.org,522394-done@bugs.debian.org,569912-done@bugs.debian.org,588904-done@bugs.debian.org,588905-done@bugs.debian.org,620317-done@bugs.debian.org,632202-done@bugs.debian.org,677552-done@bugs.debian.org,677684-done@bugs.debian.org,
Cc: dkim-milter@packages.debian.org, dkim-milter@packages.qa.debian.org
Subject: Bug#680005: Removed package(s) from unstable
Date: Wed, 11 Jul 2012 09:11:46 +0000
Version: 2.8.2.dfsg-1.1+rm

Dear submitter,

as the package dkim-milter has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see http://bugs.debian.org/680005

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@debian.org.

Debian distribution maintenance software
pp.
Alexander Reichle-Schmehl (the ftpmaster behind the curtain)




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 09 Aug 2012 07:28:06 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 19:39:45 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.