wallace breaks dkim signature

Jan Kowalsky jankow at datenkollektiv.net
Sat Jun 2 23:37:52 CEST 2018


Hi Franz,

sorry, anyhow I don't get it.

Am 02.06.2018 um 17:30 schrieb Skale, Franz:
> Hi Jan,
> It doesn't matter if the milter doesn't change the message or not.
> It has to take care of the encoding to represent the OS the right
> internal character set.

I think, there is noting wrong about character set. What should be wrong
on uft-8 with 8bit transfer encoding?

My mua (e.g. thunderbird) sends email with utf-8 and 8bit encoding - as
far as I set it to convert it to quoted printable.

Without wallace in line I receive the testmail:

----------------- Mail Start ----------------------------
Return-Path: <demo at example.org>
Received: from mx0.datenkollektiv.net ([10.0.2.1])
	 by mail.datenkollektiv.net (Cyrus
git2.5+0-Debian-2.5~dev2015021301-0~kolab1) with LMTPA;
	 Sat, 02 Jun 2018 23:23:34 +0200
X-Sieve: CMU Sieve 2.4
Sender: demo at example.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org;
s=dkim201805;
	t=1527974414; h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:in-reply-to:
	 references; bh=2daQtWGer16oLmYYJEl3J5smXKBAQ8azeMPtCJyWnZE=;
	b=Xu32ZwKclJcIRu2zhRLic1Lh8p4284Tj4XfoTJuKgJ6yyHenGJ+5AS5n9ujn7bjB8QAP+d
	GOe7To7REh4QPxMwV8fpSLVLJUu/4QvXTem/36nqfY/CsNrqEZEzu4XRMKIkjwcabmCkVx
	ATNkoOB7aGOF1UKYgP3xhMYScTv9QjPiyJ0BCtfUuNUmeof6xLHTUt9kC1qIUwurs5joEj
	Om/Q0PlQYFPw0U3HVypEssWh8L0iMtZa2t95BDo8xXL7wNMLeKKOjXT0iC/6PYuqhe8W+X
	43ngV378Ho1rHYutdLh+4AVG8B8C3bPrPIFoJJsmpUR8xJf9rLJKYkMh09Nrmw==
From: Test User <demo at example.org>
Subject: testmail
To: demo at example.org
Message-ID: <ae50f44e-8b63-a2f2-90b3-3a712cd7fdad at example.org>
Date: Sat, 2 Jun 2018 23:23:25 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit

text with non-ascii characters: äöü
----------------- Mail End ----------------------------

Turning on Wallace:

----------------- Mail Start ----------------------------
Return-Path: <demo at example.org>
Received: from mx0.datenkollektiv.net ([10.0.2.1])
	 by mail.datenkollektiv.net (Cyrus
git2.5+0-Debian-2.5~dev2015021301-0~kolab1) with LMTPA;
	 Sat, 02 Jun 2018 23:17:45 +0200
X-Sieve: CMU Sieve 2.4
Sender: demo at example.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org;
 s=dkim201805;
 t=1527974067; h=from:from:sender:sender:reply-to:subject:subject:date:date:
 message-id:message-id:to:to:cc:mime-version:mime-version:
 content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:in-reply-to:
 references; bh=2daQtWGer16oLmYYJEl3J5smXKBAQ8azeMPtCJyWnZE=;
 b=on6XeWbnA//yFxpJ/tNo8+d51PwEG90wJKuqsIAnywnsHj2YitYRQEmF77PkJvhiFsSQc4
 NfLX5c1ZWn4QrYEasIP8DLlNcenrMlNWIGL798azFfzsnGgJigr1UaqvOhJjJXl6SKvdyn
 a76+GBZt/nRIoWbpD814HJMyrys3SthIdaR8t06N9tGe6qdRNbDSazjrhs032/AKFsbk8V
 gJ6iJHM1tsg+LK4GNtjV8KsldNcUChRgfIoC/oTGW1p1B8y3mSahCIL54mjKYpN9X6gbmG
 kVp9wFH6Sc5z+Ywt/W985qZweapjApkXPb3SLUjDNw9vnk1Ld516wFYuFx4M7Q==
To: demo at example.org
From: Test User <demo at example.org>
Subject: testmail
Message-ID: <bcfea1c4-3173-e082-6cd7-c400321c6c3a at example.org>
Date: Sat, 2 Jun 2018 23:17:42 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

text with non-ascii characters: =C3=A4=C3=B6=C3=BC
----------------- Mail End ----------------------------

So of course the body was changed by wallace.

> It use spamassassin as well as other content filters.
> Of course they reaveive the whole body but only mangle the header.
> Nevertheless, the forwarded bytestream must have the right, internal
> character encoding.

But actually it does in my case. There is no difference with or without
milter. The milter just adds signature as a header. Wallace does change
the transfer-encoding later changing any 8bit to quoted printable. Since
the signature is calculated about the whole mail body which is changed,
any signature added before is broken.

Without milter I have the same situation. First without wallace:

----------------- Mail Start ----------------------------
Return-Path: <demo at example.org>
Received: from mx0.datenkollektiv.net ([10.0.2.1])
	 by mail.datenkollektiv.net (Cyrus
git2.5+0-Debian-2.5~dev2015021301-0~kolab1) with LMTPA;
	 Sat, 02 Jun 2018 23:28:31 +0200
X-Sieve: CMU Sieve 2.4
Sender: demo at example.org
From: Test User <demo at example.org>
Subject: testmail
To: demo at example.org
Message-ID: <7bfc7832-8ef9-d476-99e1-13fdb6d41f6e at example.org>
Date: Sat, 2 Jun 2018 23:28:30 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit

text with non-ascii characters: äöü
----------------- Mail End ----------------------------

Again whith Wallace:

----------------- Mail Start ----------------------------
Return-Path: <demo at example.org>
Received: from mx0.datenkollektiv.net ([10.0.2.1])
	 by mail.datenkollektiv.net (Cyrus
git2.5+0-Debian-2.5~dev2015021301-0~kolab1) with LMTPA;
	 Sat, 02 Jun 2018 23:29:19 +0200
X-Sieve: CMU Sieve 2.4
Sender: demo at example.org
From: Test User <demo at example.org>
Subject: testmail
To: demo at example.org
Message-ID: <a74a6779-4494-f778-5b83-732661f05a9e at example.org>
Date: Sat, 2 Jun 2018 23:29:18 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

text with non-ascii characters: =C3=A4=C3=B6=C3=BC
----------------- Mail End ----------------------------



> My own MUA uprades all stream using UTF-8 (utf8::upgrade).

When I configure my MUA to force sending mails quoted-printable
(strictly mime) everything is ok. But we don't have control about the
MUAs from our customers. So in most cases people (if using thunderbird)
will send mails with 8bit transfer encoding.

So I tried to understand where wallace forces transfer encoding to
quoted printable but didn't find it (except in the particular modules.

Best regards
Jan


More information about the users mailing list