[Tickets #13877] Re: Add Support for DKIM Validation
noreply at bugs.horde.org
noreply at bugs.horde.org
Wed Mar 18 11:39:23 UTC 2015
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: https://bugs.horde.org/ticket/13877
------------------------------------------------------------------------------
Ticket | 13877
Updated By | arjen+horde at de-korte.org
Summary | Add Support for DKIM Validation
Queue | IMP
Version | 6.2.7
Type | Enhancement
State | Rejected
Priority | 1. Low
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
arjen+horde at de-korte.org (2015-03-18 11:39) wrote:
>> What i mean is, verfication of the DKIM Information from Mails and
>> Display if the DKIM are okay, has a problem like (Bad Signig Date,
>> Bad Checksum) or has no DKIM Signig.
>
> If messages have bad DKIM signatures, they should NOT be reaching
> the user. That's the whole purpose of DKIM.
While I agree that showing the DKIM information to end-users is
probably a bad idea, messages with broken DKIM signatures should never
be outright rejected (not shown). The purpose of DKIM is to see
whether or not a message has been 'tampered' with.
Only if a sender has stated in a _dmarc.domain record that messages
should be rejected if failing to authenticate, not showing the message
to an end-user may be an option. But currently there are so many
systems (including the Horde mailinglist server) that break DKIM
signatures, that it is insane to do so based on a broken DKIM
signature alone.
More information about the bugs
mailing list