[Ietf-dkim] Re: DKIM with body length
Philip Guenther <pguenther@proofpoint.com> Thu, 23 May 2024 18:28 UTC
Date: Thu, 23 May 2024 11:28:11 -0700
From: Philip Guenther <pguenther@proofpoint.com>
To: John Levine <johnl@taugh.com>
In-Reply-To: <20240523181307.5EB598BDB226@ary.qy>
Message-ID: <1f7309ee-90e1-c087-aaf2-a50c307d5f72@proofpoint.com>
References: <20240523181307.5EB598BDB226@ary.qy>
CC: ietf-dkim@ietf.org, superuser@gmail.com
Subject: [Ietf-dkim] Re: DKIM with body length
On Thu, 23 May 2024, John Levine wrote:
> It appears that Murray S. Kucherawy <superuser@gmail.com> said:
> >I've read the middle part a few times and I don't understand either the
> >attack or the proposed mitigation, so I think some examples might help.
>
> The attack requires l= and an unsigned Content-Type header.
>
> If Content-Type isn't signed, the bad guy can change the part boundary
> string and then add new parts with the new boundary at the end. The
> entire original message, which is all that the l= covers, is ignored
> as junk before the first boundary.

There's a related, though much less general, attack that works even if you don't use the l= tag: on a message which has nested multiparts, there are multiple potential delimiters that will look legit to a MIME parser, so if you don't sign Content-Type** then an attacker can change the delimiter from the outermost to an inner delimiter and make it appear that the sender directly sent just that inner content, possibly resulting in misattribution.

** or don't over-sign and clients use the first found...

> On the other hand, I see that the perl and python DKIM modules sign
> the MIME Content-* headers by default. Do you remember what opendkim
> does? A quick look at the code wasn't too enlightening.

Unfortunately, the most recently released version of opendkim doesn't sign any MIME headers by default. Lacks RFC 8058's List-Unsubscribe-Post too.

Philip Guenther
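As an added example (not part of the original message, and not opendkim's code), a small Python audit of the points raised above against a DKIM-Signature header: whether l= is in use, whether the MIME Content-*/MIME-Version headers appear in h=, and whether they are over-signed so that an added copy would invalidate the signature (RFC 6376 5.4.2). The sample headers are constructed; bh=/b= are placeholders and nothing is cryptographically verified.

```python
import re
from email import message_from_string

# MIME headers whose omission from h= lets a relay rewrite the part
# boundary / delimiter structure without breaking the signature.
MIME_HEADERS = ("content-type", "content-transfer-encoding", "mime-version")

def parse_tags(sig_value: str) -> dict:
    """Split a DKIM-Signature value into its tag=value pairs (RFC 6376 3.2)."""
    tags = {}
    for part in sig_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = re.sub(r"\s+", "", value)
    return tags

def audit_signature(raw_message: str) -> list:
    """Return findings for the first DKIM-Signature header in raw_message."""
    msg = message_from_string(raw_message)
    sig = msg.get("DKIM-Signature")
    if sig is None:
        return ["no DKIM-Signature header"]
    tags = parse_tags(sig)
    signed = [h.lower() for h in tags.get("h", "").split(":") if h]
    findings = []
    if "l" in tags:
        findings.append("l= in use: bytes appended to the body are unsigned")
    for name in MIME_HEADERS:
        present = len(msg.get_all(name, []))
        listed = signed.count(name)
        if listed == 0:
            findings.append(f"{name} not in h=")
        elif listed <= present:
            # Listing a header once more than it occurs binds its absence
            # (RFC 6376 5.4.2), so an added copy invalidates the signature.
            findings.append(f"{name} not over-signed")
    return findings

# Constructed sample headers (bodies omitted; bh=/b= are placeholders).
COMMON = ("From: alice@example.org\r\nTo: bob@example.net\r\n"
          "Subject: report\r\nMIME-Version: 1.0\r\n"
          'Content-Type: multipart/mixed; boundary="outer"\r\n')
WEAK = ("DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=sel; l=812;\r\n"
        " h=from:to:subject; bh=PLACEHOLDER=; b=PLACEHOLDER=\r\n" + COMMON
        + "\r\n")
HARDENED = ("DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=sel;\r\n"
            " h=from:to:subject:content-type:content-type:"
            "content-transfer-encoding:mime-version:mime-version;\r\n"
            " bh=PLACEHOLDER=; b=PLACEHOLDER=\r\n" + COMMON + "\r\n")
```

`audit_signature(WEAK)` reports the l= tag and the three unsigned MIME headers; `audit_signature(HARDENED)` reports nothing because each MIME header is listed once more than it occurs.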