Re: Results returned by Opendkim in email header

From: Mark Martinec <>
Date: Tue, 1 Mar 2011 19:25:16 +0100


> Authentication-Results is defined in RFC5451, and the possible DKIM values
> are listed there. The "header.b" extension was added in RFC6008.
> ADSP is defined in RFC5617, and it adds the "dkim-adsp" values.

Toying a bit with OpenDKIM 2.3.0 and RFC 6008 I noticed that the
opendkim can be lured into copying a long b tag from a signature
into its A-R header field (using a duplicated signature), e.g.:

Authentication-Results:; dkim=pass (1024-bit key)

That makes a 184-character header line, which exceeds the recommended
(SHOULD) size of 78 in RFC 5322. I didn't check if a 998 char limit could
be exceeded in this way.

The RFC 6008 doesn't say anything about a possibility of adding FWS into
the header.b . According to RFC 5451 one could use a quoted-string for
this purpose which may embed FWS, but there is no semantic note
saying that such FWS in a quoted-string of header.b could be ignored.

So, is this a specification problem, or an implementational one?

Btw, it would be nice if RFC 5451 would mandate or at least recommend
that the A-R subfields or separate A-R header fields regarding DK/DKIM
signatures should follow the order of signatures in a mail header section.
The A-R is already declared a trace field, so adding a word on its
internal order would even eliminate the need for RFC 6008.

Received on Tue Mar 01 2011 - 18:25:28 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:16 PST