Re: [Ietf-dkim] Question about lone CR / LF

Dave Crocker <dhc@dcrocker.net> Fri, 02 February 2024 03:34 UTC

Message-ID: <4b2babc1-5c83-4e4b-82f0-76c2763dbaa3@dcrocker.net>
Date: Thu, 01 Feb 2024 19:34:44 -0800
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Reply-To: dcrocker@bbiw.net
Content-Language: en-US
To: ietf-dkim@ietf.org
References: <20240201180340.852B6820560B@ary.qy> <E8C1422D-4A9C-412A-BF5E-D07CABD2BFE2@callas.org> <95f2ba17-a81e-4adc-97d0-6c7387ade5f5@dcrocker.net> <e2753f82-cc7b-d220-cd42-2afb3f5865be@taugh.com> <26b61068-9a70-44ce-bde4-240fff1c154c@dcrocker.net> <e1e0a6fe-b4de-b2da-84d4-2e9707d25ab1@taugh.com>
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
In-Reply-To: <e1e0a6fe-b4de-b2da-84d4-2e9707d25ab1@taugh.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/aTdS95032ovoPofgJ-V7_WX94C0>

On 2/1/2024 7:31 PM, John R Levine wrote:
>>> Layering is a fine principle, but it's not how DKIM has ever worked 
>>> in practice.  Two weeks ago we had a long discussion about 
>>> oversigning, so DKIM validators can catch messages with multiple 
>>> From: or Subject: headers which have never been valid in any version 
>>> of 822/2822/5322 but show up anyway.
>>
>> Please explain how you think DKIM violates layering.
>
> What I said in my previous message, people use oversigning to catch 
> 5322 header violations.

Except that that isn't a layer violation, as I noted.

It is a behavior within DKIM that only affects DKIM.



>>> For the specific issue of bare CR or LF, I was reminded on another 
>>> list that there is a trendy attack called SMTP smuggling which 
>>> depends on mail software inconsistently accepting bare CR or LF, and 
>>> mail providers are busy patching to fix it.
>>
>> That has nothing to do with DKIM, of course.
>
> Opinions differ.

The prohibition is not in DKIM. So the violation is not within DKIM.  
And why should DKIM care?

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net
mast:@dcrocker@mastodon.social
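
The inconsistency mentioned in the quoted text above, as an added example that is not part of the original message or of any DKIM or SMTP implementation: a Python scan for CR or LF bytes that are not part of a CRLF pair, and a comparison of how a CRLF-only receiver and a lenient receiver would split the same bytes into lines. The function names and the sample message are constructed for illustration.

```python
import re

# A lone CR is a CR not followed by LF; a lone LF is an LF not preceded by CR.
_BARE = re.compile(rb"\r(?!\n)|(?<!\r)\n")


def find_bare_line_endings(raw: bytes):
    """Return [(offset, 'CR' | 'LF'), ...] for each CR or LF outside a CRLF pair."""
    return [(m.start(), "CR" if m.group() == b"\r" else "LF")
            for m in _BARE.finditer(raw)]


def split_strict(raw: bytes):
    """Line view of a receiver that accepts only CRLF as a line ending."""
    return raw.split(b"\r\n")


def split_lenient(raw: bytes):
    """Line view of a receiver that also treats a lone CR or lone LF as a line ending."""
    return re.split(rb"\r\n|\r|\n", raw)


def views_disagree(raw: bytes) -> bool:
    """True when the two receivers would see different lines in the same bytes."""
    return split_strict(raw) != split_lenient(raw)


# Constructed sample: one lone LF and one lone CR in the body.
SAMPLE = (b"From: a@example.org\r\n"
          b"Subject: test\r\n"
          b"\r\n"
          b"line one\nline two\r\n"
          b"line three\rline four\r\n")

# Constructed sample: the same text with CRLF line endings only.
CLEAN = (b"From: a@example.org\r\n"
         b"Subject: test\r\n"
         b"\r\n"
         b"line one\r\nline two\r\n")

if __name__ == "__main__":
    for name, msg in (("SAMPLE", SAMPLE), ("CLEAN", CLEAN)):
        print(name, find_bare_line_endings(msg), "disagree:", views_disagree(msg))
```

A message for which `views_disagree` returns true is one that two hops could interpret differently, so a gateway can flag or reject it before any further processing.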