RE: more looking at stats

From: Murray S. Kucherawy <>
Date: Fri, 18 Feb 2011 09:04:05 -0800

> -----Original Message-----
> From: [] On Behalf Of Mark Martinec
> Sent: Friday, February 18, 2011 8:43 AM
> To:
> Subject: Re: more looking at stats
> That may well be. Regardless, the To and Cc header fields
> are quite commonly munged by mailers, let alone by MUAs.
> For example, sendmail has a nasty habit of 'prettifying'
> the list of addresses if it doesn't fit its idea of a nice form.
> Also, some mailers would append a local domain to a
> non-FQDN recipient address in a To and Cc header field.

The only changes I've seen sendmail make include adding quotes where they are legally required but not present in the injected message (so the original generator got it wrong), or adding spaces after commas when a list of addresses is present. I don't think it does anything like re-wrapping long lines or such. I don't know what postfix, exim, or the others do at all.

In any case, I agree that To: and Cc: are easy to get wrong and signing them doesn't offer much protection. From: and Subject: remain the most interesting ones to cover because they, or parts of them, are what MUAs show to users.

It's certainly the case that OpenDKIM offers a mechanism to skip signing those if people want to try it. In fact, it gets simpler in 2.3.0.

Knowing which field(s) changed causing a signature to fail depends on the signer using "z=" and the verifier actually parsing it (requiring an FFR be enabled at the verifier), so in fact we only have a very limited set of data. Our tables have "z=" data from only 115 signing domains (out of over 43,000) and eight reporting hosts in this regard. That may not be enough to draw a conclusion. We need more reporters.

Are you willing and able to start sending us a statistics feed?

Received on Fri Feb 18 2011 - 17:04:13 PST
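
The "z=" diagnosis mentioned in the message above, sketched as an added example (not part of the original post and not OpenDKIM's code): it decodes the header fields a signer copied into "z=" and reports which ones differ from what the verifier received. The function names, the sample signature and the received headers are constructed for illustration, and it assumes one value per field name and a relaxed-style whitespace comparison.

```python
import re

def parse_tags(sig_value):
    """Split a DKIM-Signature value into its tag=value pairs."""
    tags = {}
    for part in sig_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = value.strip()
    return tags

def dkim_qp_decode(text):
    """Decode dkim-quoted-printable: drop folding whitespace, expand =XX."""
    text = re.sub(r"\s+", "", text)
    return re.sub(r"=([0-9A-F]{2})", lambda m: chr(int(m.group(1), 16)), text)

def copied_headers(sig_value):
    """Return [(name, value)] from the z= tag, or [] if the signer omitted it."""
    z = parse_tags(sig_value).get("z", "")
    out = []
    for item in filter(None, z.split("|")):  # a literal "|" in a value is sent as =7C
        name, _, value = item.partition(":")
        out.append((dkim_qp_decode(name).strip().lower(), dkim_qp_decode(value)))
    return out

def relaxed(value):
    """Value part of 'relaxed' canonicalization: unfold, collapse WSP, trim."""
    return re.sub(r"[ \t\r\n]+", " ", value).strip()

def changed_fields(sig_value, received):
    """Names of z= fields whose received value differs from the signed copy.
    `received` maps lowercase field name -> value as seen by the verifier."""
    diffs = []
    for name, signed_value in copied_headers(sig_value):
        got = received.get(name)
        if got is None or relaxed(got) != relaxed(signed_value):
            diffs.append(name)
    return diffs

# Constructed sample: the To: field gained a space after the comma in transit.
SIG = ("v=1; a=rsa-sha256; c=relaxed/simple; d=example.com; s=sel; "
       "h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER; "
       "z=From:alice@example.com|To:bob@example.net,carol@example.net|"
       "Subject:stats=20feed")
RECEIVED = {"from": "alice@example.com", "subject": "stats  feed",
            "to": "bob@example.net, carol@example.net"}

if __name__ == "__main__":
    print(changed_fields(SIG, RECEIVED))
```

Relaxed canonicalization absorbs the doubled space in Subject: but not the space inserted after the comma in To:, so only that field is reported.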
