#156 A-R parsing code fails on a large number of result stanzas

opendkim (95)
John Wood

Opendkim is trying to identify A-Rs that were added by itself (apparently; matching authserv-id) and purport some DKIM result. A patch to stop crashes when more than 16 results existed was applied as a work around. Anything added after 16 results is ignored and the header field is not identified as a candidate for removal because it
effectively ignores the presence of the DKIM result. Setting RemoveARAll true works around this, but a cleaner fix is requested for a future release.


  • Murray S. Kucherawy

    To be clear, there is no workaround. The number of results and result parameters has always been 16. The issue here is that opendkim will fail to identify an Authentication-Results header field that it should remove if there's a DKIM result in it that's preceded by at least 16 results from other mechanisms.

    The solution is to make opendkim able to handle an arbitrary number of results reported in a header field, or at least push the number of stored results up beyond some other buffer size limit.

  • Murray S. Kucherawy

    • assigned_to: nobody --> cm-msk
    • priority: 5 --> 6
  • Murray S. Kucherawy

    As of 2.8.4, duplicate results from non-DKIM methods will be discarded.

  • Murray S. Kucherawy

    • Status: open --> closed-fixed

Log in to post a comment.