Re: SA DKIM related bug 6462 - Possibly Gmail, Sendmail and/or Thunderbird related?

From: Kevin A. McGrail <>
Date: Thu, 15 Dec 2011 19:17:13 -0500

On 12/15/2011 6:44 PM, SM wrote:
> At 15:25 15-12-2011, Kevin A. McGrail wrote:
>> Specifically, the case change on the To: header.
>> So what rewrote the To: header and why?
>> The one thing I've been able to pin down is that if I use the gmail
>> web-based interface and play around with case, the for part of the
>> received header has the correct case and my DKIM tests work fine.
>> However, when AXB uses thunderbird to send via gmail, the case
>> sensitivity between the for in the received and the To header appears
>> different.
>> Now on a pure sendmail environment on a stock CentOS Installation,
>> attached is an email AXB wrote via Thunderbird sent via gmail. Note
>> that it will fail opendkim UNLESS you modify the to header to the
>> correct email address he used to Somewhere
>> along the way the To: header gets rewritten to all lower case.
>> However, I couldn't reproduce this scenario with all my tests but I
>> don't use anything but Gmail's web interface.
>> So my conclusion is that Thunderbird or Gmail are somehow ending up
>> with one case version of the to address as the for in the received
>> header and a different case version in the to header. Then during
>> delivery, either procmail or sendmail are "fixing" the To: header
>> which is breaking DKIM.
>> Anyone have any recommendations? Is this known behavior in sendmail
>> or procmail? Something specific to Gmail and using an external client?
>> Specific to Thunderbird?
> Sendmail is not causing the problem here. I would also rule out a
> Thunderbird issue. Can you test to see whether the domain gets
> changed to lowercase when you send a message to Gmail?
I disagree. I thought of another test case:

Manual injection on a stock CentOS machine with stock sendmail:

Telnet Dialogue

[root_at_talon1 ~]# telnet localhost 25
Connected to localhost.localdomain (
Escape character is '^]'.
220 ESMTP Sendmail 8.13.1/8.13.1; Thu, 15 Dec 2011
19:09:50 -0500
250 Hello localhost.localdomain [], pleased to
meet you
mail from:
250 2.1.0 Sender ok
rcpt to:
250 2.1.5 Recipient ok
354 Enter mail, end with "." on a line by itself
Subject: Test from Manual SMTP injection

This is a test.
250 2.0.0 pBG09o2Z000464 Message accepted for delivery

Email manually edited from mbox in /var/spool/mail:

 From Thu Dec 15 19:10:33 2011
Return-Path: <>
Received: from (localhost.localdomain [])
         by (8.13.1/8.13.1) with SMTP id pBG09o2Z000464
         for; Thu, 15 Dec 2011 19:10:07 -0500
Date: Thu, 15 Dec 2011 19:09:50 -0500
Message-Id: <>
Subject: Test from Manual SMTP injection

This is a test.

This definitely shows that the case used in the Received header is
re-injected by either procmail or Sendmail changing the case on the
original To header because the header I wrote is clearly overridden.

This behavior subsequently breaks DKIM's ability to check a signature
because of the change on the To: header based on my testing with Gmail.
And I do understand this is not a bug in DKIM unless for the To: Header
is not supposed to be used or case-sensitivity is not supposed to
involved. But I think this is a large issue that likely points to a
major problem with big players in the DKIM arena.

Received on Fri Dec 16 2011 - 00:17:23 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:22 PST