You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2006/10/19 17:54:04 UTC
[Bug 5140] New: Misc improvements to Plugin::DomainKeys
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5140
Summary: Misc improvements to Plugin::DomainKeys
Product: Spamassassin
Version: 3.1.7
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: Plugins
AssignedTo: dev@spamassassin.apache.org
ReportedBy: Mark.Martinec@ijs.si
Three unrelated smaller improvements to Plugin::DomainKeys
(sorry to have stashed them all under the same umbrella,
but the attached patch is quite straightforward):
- more informative debugging output (dk:);
- avoid fetching DK policy when signature is valid (verifies),
as required by draft-delany-domainkeys-base-06;
- avoid sanitizing header (stripping away trailing header fields
likely to be inserted by LDA or MUA) when signature header contains
a "h" tag, which explicitly lists header fields which were included
in signature calculation.
The last item deserves explanation: when a signer provides a list of
header fields that were signed, a verifier only takes into account these
header fields, and other appended header fields are ignored. Sanitizing
header in this case is unnecessary and if we are lucky just wastes time
(duplicates the effort of Mail::DomainKeys module). If we are unlucky,
the sanitizing subroutine could remove a trailing header field that was
included in a signature, thus breaking it. So, sanitizing is only helpful
when there actually is a signature header field present, and that signature
header field tells the verifier (by omitting a "h" tag) that the whole
remaining header is to be included in calculation.
Mark
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5140] [review] Misc improvements to Plugin::DomainKeys
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5140
spamassassin@dostech.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From spamassassin@dostech.ca 2006-12-08 13:44 -------
Sending lib/Mail/SpamAssassin/Plugin/DomainKeys.pm
Transmitting file data .
Committed revision 484798.
[dos@FC5-VPC 3.1]$
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5140] [review] Misc improvements to Plugin::DomainKeys
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5140
------- Additional Comments From jm@jmason.org 2006-11-03 10:41 -------
applied, r470939.
+1 to both patches for 3.1.x btw
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5140] [review] Misc improvements to Plugin::DomainKeys
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5140
felicity@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status Whiteboard|Needs 2 votes for 3.1 branch|Needs 1 vote for 3.1 branch
------- Additional Comments From felicity@apache.org 2006-12-08 11:46 -------
sure. +1
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5140] Misc improvements to Plugin::DomainKeys
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5140
------- Additional Comments From Mark.Martinec@ijs.si 2006-10-19 08:55 -------
Created an attachment (id=3721)
--> (http://issues.apache.org/SpamAssassin/attachment.cgi?id=3721&action=view)
Proposed patch
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5140] [review] Misc improvements to Plugin::DomainKeys
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5140
------- Additional Comments From Mark.Martinec@ijs.si 2006-11-03 06:41 -------
Created an attachment (id=3741)
--> (http://issues.apache.org/SpamAssassin/attachment.cgi?id=3741&action=view)
small update on top of previous patch
Two small adjustments (diff from trunk):
- fix parsing of tag (tags are case-sensitive, whitespace
may appear before and after tag name and value);
- let DK_POLICY_TESTING be true if t=y appears in a public key,
even when policy record is not fetched.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5140] Misc improvements to Plugin::DomainKeys
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5140
jm@jmason.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|Undefined |3.2.0
------- Additional Comments From jm@jmason.org 2006-10-19 09:17 -------
yep, I can go for that: +1
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5140] [review] Misc improvements to Plugin::DomainKeys
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5140
jm@jmason.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Misc improvements to |[review] Misc improvements
|Plugin::DomainKeys |to Plugin::DomainKeys
Status Whiteboard| |Needs 2 votes for 3.1 branch
Target Milestone|3.2.0 |3.1.8
------- Additional Comments From jm@jmason.org 2006-11-02 13:39 -------
applied to 3.2.0; re-aiming at 3.1.x:
: jm 55...; svn commit -m "bug 5140: improvements to DomainKeys support, thanks
to Mark Martinec: improve debugging; avoid fetching DK policy when the signature
is valid (verifies), as required by draft-delany-domainkeys-base-06; avoid
sanitizing header (stripping away trailing header fields likely to be inserted
by LDA or MUA) when signature header contains a "h" tag, which explicitly lists
header fields which were included in signature calculation."
lib/Mail/SpamAssassin/Plugin/DomainKeys.pm
Sending lib/Mail/SpamAssassin/Plugin/DomainKeys.pm
Transmitting file data .
Committed revision 470533.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5140] [review] Misc improvements to Plugin::DomainKeys
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5140
spamassassin@dostech.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
Status Whiteboard|Needs 1 vote for 3.1 branch |go
------- Additional Comments From spamassassin@dostech.ca 2006-12-08 13:37 -------
+1, thanks Mark.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.