Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

opendkim milter does not "ignore" signatures marked as ignore but adds the result dkim=fail in AR header #233

Open
futatuki opened this issue Oct 28, 2024 · 1 comment
Open

opendkim milter does not "ignore" signatures marked as ignore but adds the result dkim=fail in AR header #233

futatuki opened this issue Oct 28, 2024 · 1 comment

Comments

@futatuki
Copy link

libopendkim has a feature that some DKIM-Signature header can be marked as "ignore", however opendkim milter does not care the flag and includes results of those ignored signatures (as "dkim=fail") into Authentication-Results: header.

I think those results should not be included in AR header.
@futatuki futatuki changed the title opendkim milter does not "ignore" signatures marked as ignore but add the result of verify in AR header opendkim milter does not "ignore" signatures marked as ignore but adds the result of verify in AR header Oct 28, 2024
@futatuki futatuki mentioned this issue Oct 28, 2024
Open
@futatuki
Copy link
Author

Per RFC8601 Sec 2.7.1., it seems that we should use dkim=policy in such a case, rather than excluding from AR header.

@futatuki futatuki changed the title opendkim milter does not "ignore" signatures marked as ignore but adds the result of verify in AR header opendkim milter does not "ignore" signatures marked as ignore but adds the result dkim=fail in AR header Oct 29, 2024
@futatuki futatuki mentioned this issue Oct 29, 2024
Open
futatuki added a commit to futatuki/OpenDKIM that referenced this issue Dec 22, 2024
@futatuki
Merge pull request trusteddomainproject#234 from futatuki/issue233-fi…
ac96b16 
…x-results-ignored-sigs

FIx issue trusteddomainproject#233: use "dkim=policy" for the result of DKIM signature
which is marked as "ignore" by dkim_sig_ignore(), instead of
"dikim=fail".
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@futatuki