Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#105 X-Bogosity header Interferes with DomainKeys and DKIM

closed
nobody
None
7
2009-02-22
2007-02-23
Scott Roy Atwood
No

The X-Bogosity header is written at the end of the message headers in the write_message method of passthrough.c.

DomainKeys and DKIM are anti-spoofing technologies that add a cyptographic signaure of a hash of the the entire email message after the DomainKey-Signature or DKIM-Signature line, including email headers. If any headers are added after after one of these lines, it will spoil the signature and invalidate the spoof protection of these technologies.

Bogofilter should be modified to inject the X-Bogosity header before any DomainKeys-Signature or DKIM-Signature line that exists in the message.

Discussion

    • priority: 5 --> 7
     
  • David Relson
    David Relson
    2007-02-24

    Logged In: YES
    user_id=30510
    Originator: NO

    I'll take a look at the passthrough code and see what can be done.

    It's not appropriate for bogofilter to have a hard-wired header check. As there are likely multiple tools adding headers and different folks will likely want the X-Bogosity header placed differently, checking for "DomainKey-Signature" or "DKIM-Signature" would be a bad idea. Rather, it's reasonable to have a config option. "X-Bogosity-position some_header_line" could be used to direct the placement.

    Note: as the "X-Bogosity" keyword is specified by the "spam_header_name=X-Bogosity" config option, naming the new option as "spam_header_placement" would be better.

     
  • David Relson
    David Relson
    2007-02-26

    Patch for "--spam-header-place=header_line"

     
    Attachments
  • David Relson
    David Relson
    2007-02-26

    Logged In: YES
    user_id=30510
    Originator: NO

    File Added: patch.0225.v115.txt

     
  • David Relson
    David Relson
    2007-02-26

    Logged In: YES
    user_id=30510
    Originator: NO

    Scott,

    The attached patch adds a "--spam-header-place=xyz" capability which can be used as a config file option or a command line option. Give it a try and let me know whether it does what you want. If not, send me a sample message (providing the original message and the expected output).

    Regards,

    David

     
  • Logged In: YES
    user_id=1118485
    Originator: YES

    The machine that I receive mail an run bogofilter on had a hard disk crash, and it may be a week or two until it is fully restored. I'll give your patch a try as soon as my machine is back on its feet again.

     
  • David Relson
    David Relson
    2009-02-22

    • status: open --> closed