#255 Multi-line headers break signatures
Hey,
I found a problem with signing emails that contain multi-line Subject, To, or any headers that get signed.
I have a django application which sends those emails, and I noticed that when using a long encoded Subject line (or To, From for that matter), which in the source is visible as a new line after the header, the DKIM signature will be bad.
I tracked the issue down to OpenDKIM. Looked at the actual SMTP output of django, and the signed messages. The only difference I see is the multi-line headers. I'll attach the 4 files (good and bad results, before and after).
As you can see, inbetween there are postfixes processing the mails, and the have no extra configuration. Google's gmail also considers the signatures to be bad.
Please have a look, I think this is a critical issue. 2.10.3 has it, which is widespread on ubuntu LTS servers.
Cheers,
László
Related
The reason is that after
To:a new line follows immediately, see [#226].Related
Bugs:
#226