#22 Option to omit signing specific headers

v0.3.0
closed
5
2006-03-13
2005-10-06
blentz
No

Greetings,
Because I have a broken MTA (Microsoft Exchange)
sending mail through my signing system, I have a need
to be able to tell dk-milter not to sign my mail using
specific headers.

I would like dk-milter to have a new command line
option that disables signing a comma-separated list,
like -d, of specific headers.

The specific header that's causing woes is Return-Path,
but I'd imagine the new option should be flexible
enough to disable whatever headers the user wants.

If this is too much to ask, a command line option that
simply disables Return-Path headers might suffice,
however others may find it useful to disable other
headers instead of or in addition to Return-Path.

I believe such a theoretical option may have a
dependancy on -H.

Thank you for your time,
Ben Lentz

Discussion

  • blentz

    blentz - 2005-10-06
     
  • blentz

    blentz - 2005-10-06

    Logged In: YES
    user_id=997838

    Enclosed is a quick-and-dirty patch to remove Return-Path
    headers from being included in the signature. Maybe
    necessary for folks using MS Exchange with dk-milter-0.3.0.

     
  • Anonymous - 2005-11-22
    • assigned_to: nobody --> sm-msk
     
  • Anonymous - 2005-12-02

    Logged In: YES
    user_id=1048957

    Done for the next release.

    I opted to do this in dk-filter.c rather than dk.c, because
    I'd like libdk to be strict to the specification of
    DomainKeys, while dk-filter can be the place we make
    system-specific choices.

     
  • Anonymous - 2005-12-02

    Logged In: YES
    user_id=1048957

    Done for the next release.

    I opted to do this in dk-filter.c rather than dk.c, because
    I'd like libdk to be strict to the specification of
    DomainKeys, while dk-filter can be the place we make
    system-specific choices.

     
  • Anonymous - 2005-12-03
    • status: open --> closed
     
  • Anonymous - 2005-12-03

    Logged In: YES
    user_id=1048957

    v0.3.1 released.

     
  • blentz

    blentz - 2005-12-12

    Logged In: YES
    user_id=997838

    -o is *NOT* working. Upgraded from 0.3.0 to 0.3.1 and tried
    running with:

    dk-filter -l -p inet:3339@localhost -d channing-bete.com -i
    /etc/mail/dk-filter-peers -s /etc/mail/sendmail.key -S smtp
    -c nofws -o return-path -H

    And am getting signatures like:
    DomainKey-Signature: a=rsa-sha1; s=smtp;
    d=channing-bete.com; c=nofws; q=dns;
    h=received:message-id:date:from:user-agent:mime-version:to:
    subject:content-type:return-path:x-originalarrivaltime:x-antivirus;
    b=1r5xfe/zg+f0Y2OYsKHlA4KTlRsqWsozMfqqZrRg3OgqWLsTG8MDuGsDTKlOCZm9g
    EIGIGR8H/jYUBWd7WwvHw==

    Obviously, return-path is still being signed, so -o
    return-path is being ignored.

     
  • blentz

    blentz - 2005-12-12
    • status: closed --> open
     
  • Anonymous - 2006-03-06

    Logged In: YES
    user_id=1048957

    v0.3.3 contains a working version. Patch supplied privately.

     
  • Anonymous - 2006-03-13
    • status: open --> closed
     
  • Anonymous - 2006-03-13

    Logged In: YES
    user_id=1048957

    v0.3.3 released.

     
  • blentz

    blentz - 2006-04-11

    Logged In: YES
    user_id=997838

    Okay, so it took me like a month to find the time to test
    out -o with 0.3.3, but I finally did, and it works great.

    Thanks a bunch!!!

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks