Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: DBMail: users

dbmail forwarding breaks emails signed by domainkeys

 

 

DBMail users RSS feed   Index | Next | Previous | View Threaded


namailsj at yahoo

Oct 12, 2009, 8:38 AM

Post #1 of 5 (1269 views)
Permalink
dbmail forwarding breaks emails signed by domainkeys

I'm having problems when forwarding domaikeys (not DKIM) signed emails from dbmail to a mailserver (such as gmail) that checks for DomainKeys.

ebay uses DomainKeys not DKIM for signing their emails, and Yahoo uses both domainkeys and DKIM, so the problem at this moment is only with ebay.

From ebay site  when I click on "share" an auction with a friend, it sends an email to an email-id on dbmail server which is configured to forward to an address at gmail.com but it fails.
As I understand that dbmail forward opens a pipe to sendmail (sendmail command from postfix in this case) which re-writes the From address hence invalidating the email signed using domainkeys.
Whereas if email is forwarded without interacting with dbmail such as using virtual_maps or .forward file, then postfix doesn't rewrite any of the headers and all the forwards work fine.

I'm having a tough time figuring out a workaround to this problem so any help from anybody would be very much appreciated.
Is there any other alternative pipe program that can be used to forward emails.


Thanks




_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


namailsj at yahoo

Oct 15, 2009, 2:50 PM

Post #2 of 5 (1198 views)
Permalink
Re: dbmail forwarding breaks emails signed by domainkeys [In reply to]

diff of emails forwarded by dbmail and postfix shows that dbmail changes the "Mime-Version" to "MIME-Version" (upper-case MIME) and splits Content-Type in two lines, second line starting with a TAB before the boundary. Could this be enough to invalidate the domainkey signatures

copy/pasting the diff below but email might not show the tabs or newline, so attaching it as a text file also.

[mymail [at] mymai 7]# diff -c postfix_forward dbmail_forward
*** postfix_forward 2009-10-15 14:25:45.000000000 -0700
--- dbmail_forward 2009-10-15 14:25:41.000000000 -0700
***************
*** 9,18 ****
Reply-To: member [at] ebay
To: XXX [at] XXX
Subject: XXX thought you might like this item on eBay
- Mime-Version: 1.0
- Content-Type: multipart/alternative; boundary=1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
X-eBay-MailTracker: 11030.637.0.50297
X-eBay-MailVersionTracker: 637.10150400

--1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
Content-Type: text/plain;charset=ISO-8859-1
--- 9,19 ----
Reply-To: member [at] ebay
To: XXX [at] XXX
Subject: XXX thought you might like this item on eBay
X-eBay-MailTracker: 11030.637.0.50297
X-eBay-MailVersionTracker: 637.10150400
+ MIME-Version: 1.0
+ Content-Type: multipart/alternative;
+ boundary=1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003

--1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
Content-Type: text/plain;charset=ISO-8859-1




----- Original Message ----
From: N Sj <namailsj [at] yahoo>
To: dbmail [at] dbmail
Sent: Mon, October 12, 2009 8:38:31 AM
Subject: [Dbmail] dbmail forwarding breaks emails signed by domainkeys

I'm having problems when forwarding domaikeys (not DKIM) signed emails from dbmail to a mailserver (such as gmail) that checks for DomainKeys.

ebay uses DomainKeys not DKIM for signing their emails, and Yahoo uses both domainkeys and DKIM, so the problem at this moment is only with ebay.

From ebay site when I click on "share" an auction with a friend, it sends an email to an email-id on dbmail server which is configured to forward to an address at gmail.com but it fails.
As I understand that dbmail forward opens a pipe to sendmail (sendmail command from postfix in this case) which re-writes the From address hence invalidating the email signed using domainkeys.
Whereas if email is forwarded without interacting with dbmail such as using virtual_maps or .forward file, then postfix doesn't rewrite any of the headers and all the forwards work fine.

I'm having a tough time figuring out a workaround to this problem so any help from anybody would be very much appreciated.
Is there any other alternative pipe program that can be used to forward emails.


Thanks




_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
Attachments: forward_diff.txt (1.06 KB)


namailsj at yahoo

Oct 17, 2009, 2:03 PM

Post #3 of 5 (1179 views)
Permalink
Re: dbmail forwarding breaks emails signed by domainkeys [In reply to]

I was able to further narrow down the problem to gmime (not dbmail), which changes "Mime-Version" to uppercase "MIME-Version" and its causing problems with domainkeys signed emails.

I apologize for taking up everybody's precious time.




----- Original Message ----
From: N Sj <namailsj [at] yahoo>
To: dbmail [at] dbmail
Sent: Thu, October 15, 2009 2:50:18 PM
Subject: Re: [Dbmail] dbmail forwarding breaks emails signed by domainkeys

diff of emails forwarded by dbmail and postfix shows that dbmail changes the "Mime-Version" to "MIME-Version" (upper-case MIME) and splits Content-Type in two lines, second line starting with a TAB before the boundary. Could this be enough to invalidate the domainkey signatures

copy/pasting the diff below but email might not show the tabs or newline, so attaching it as a text file also.

[mymail [at] mymai 7]# diff -c postfix_forward dbmail_forward
*** postfix_forward 2009-10-15 14:25:45.000000000 -0700
--- dbmail_forward 2009-10-15 14:25:41.000000000 -0700
***************
*** 9,18 ****
Reply-To: member [at] ebay
To: XXX [at] XXX
Subject: XXX thought you might like this item on eBay
- Mime-Version: 1.0
- Content-Type: multipart/alternative; boundary=1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
X-eBay-MailTracker: 11030.637.0.50297
X-eBay-MailVersionTracker: 637.10150400

--1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
Content-Type: text/plain;charset=ISO-8859-1
--- 9,19 ----
Reply-To: member [at] ebay
To: XXX [at] XXX
Subject: XXX thought you might like this item on eBay
X-eBay-MailTracker: 11030.637.0.50297
X-eBay-MailVersionTracker: 637.10150400
+ MIME-Version: 1.0
+ Content-Type: multipart/alternative;
+ boundary=1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003

--1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
Content-Type: text/plain;charset=ISO-8859-1




----- Original Message ----
From: N Sj <namailsj [at] yahoo>
To: dbmail [at] dbmail
Sent: Mon, October 12, 2009 8:38:31 AM
Subject: [Dbmail] dbmail forwarding breaks emails signed by domainkeys

I'm having problems when forwarding domaikeys (not DKIM) signed emails from dbmail to a mailserver (such as gmail) that checks for DomainKeys.

ebay uses DomainKeys not DKIM for signing their emails, and Yahoo uses both domainkeys and DKIM, so the problem at this moment is only with ebay.

From ebay site when I click on "share" an auction with a friend, it sends an email to an email-id on dbmail server which is configured to forward to an address at gmail.com but it fails.
As I understand that dbmail forward opens a pipe to sendmail (sendmail command from postfix in this case) which re-writes the From address hence invalidating the email signed using domainkeys.
Whereas if email is forwarded without interacting with dbmail such as using virtual_maps or .forward file, then postfix doesn't rewrite any of the headers and all the forwards work fine.

I'm having a tough time figuring out a workaround to this problem so any help from anybody would be very much appreciated.
Is there any other alternative pipe program that can be used to forward emails.


Thanks




_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail




_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


aaron at serendipity

Oct 17, 2009, 2:10 PM

Post #4 of 5 (1178 views)
Permalink
Re: dbmail forwarding breaks emails signed by domainkeys [In reply to]

No apologies, that's a good find. How did you test the library? What
version of gmime are you working with?

Aaron


On Oct 17, 2009, at 2:03 PM, N Sj <namailsj [at] yahoo> wrote:

> I was able to further narrow down the problem to gmime (not dbmail),
> which changes "Mime-Version" to uppercase "MIME-Version" and its
> causing problems with domainkeys signed emails.
>
> I apologize for taking up everybody's precious time.
>
>
>
>
> ----- Original Message ----
> From: N Sj <namailsj [at] yahoo>
> To: dbmail [at] dbmail
> Sent: Thu, October 15, 2009 2:50:18 PM
> Subject: Re: [Dbmail] dbmail forwarding breaks emails signed by
> domainkeys
>
> diff of emails forwarded by dbmail and postfix shows that dbmail
> changes the "Mime-Version" to "MIME-Version" (upper-case MIME) and
> splits Content-Type in two lines, second line starting with a TAB
> before the boundary. Could this be enough to invalidate the
> domainkey signatures
>
> copy/pasting the diff below but email might not show the tabs or
> newline, so attaching it as a text file also.
>
> [mymail [at] mymai 7]# diff -c postfix_forward dbmail_forward
> *** postfix_forward 2009-10-15 14:25:45.000000000 -0700
> --- dbmail_forward 2009-10-15 14:25:41.000000000 -0700
> ***************
> *** 9,18 ****
> Reply-To: member [at] ebay
> To: XXX [at] XXX
> Subject: XXX thought you might like this item on eBay
> - Mime-Version: 1.0
> - Content-Type: multipart/alternative;
> boundary=1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
> X-eBay-MailTracker: 11030.637.0.50297
> X-eBay-MailVersionTracker: 637.10150400
>
> --1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
> Content-Type: text/plain;charset=ISO-8859-1
> --- 9,19 ----
> Reply-To: member [at] ebay
> To: XXX [at] XXX
> Subject: XXX thought you might like this item on eBay
> X-eBay-MailTracker: 11030.637.0.50297
> X-eBay-MailVersionTracker: 637.10150400
> + MIME-Version: 1.0
> + Content-Type: multipart/alternative;
> + boundary=1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
>
> --1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
> Content-Type: text/plain;charset=ISO-8859-1
>
>
>
>
> ----- Original Message ----
> From: N Sj <namailsj [at] yahoo>
> To: dbmail [at] dbmail
> Sent: Mon, October 12, 2009 8:38:31 AM
> Subject: [Dbmail] dbmail forwarding breaks emails signed by domainkeys
>
> I'm having problems when forwarding domaikeys (not DKIM) signed
> emails from dbmail to a mailserver (such as gmail) that checks for
> DomainKeys.
>
> ebay uses DomainKeys not DKIM for signing their emails, and Yahoo
> uses both domainkeys and DKIM, so the problem at this moment is only
> with ebay.
>
> From ebay site when I click on "share" an auction with a friend, it
> sends an email to an email-id on dbmail server which is configured
> to forward to an address at gmail.com but it fails.
> As I understand that dbmail forward opens a pipe to sendmail
> (sendmail command from postfix in this case) which re-writes the
> From address hence invalidating the email signed using domainkeys.
> Whereas if email is forwarded without interacting with dbmail such
> as using virtual_maps or .forward file, then postfix doesn't rewrite
> any of the headers and all the forwards work fine.
>
> I'm having a tough time figuring out a workaround to this problem so
> any help from anybody would be very much appreciated.
> Is there any other alternative pipe program that can be used to
> forward emails.
>
>
> Thanks
>
>
>
>
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>
>
>
>
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


namailsj at yahoo

Oct 17, 2009, 8:46 PM

Post #5 of 5 (1179 views)
Permalink
Re: dbmail forwarding breaks emails signed by domainkeys [In reply to]

I'm using gmime-2.2.24.
I was able to confirm through testing that gmime is changing the header Mime-Version to MIME-Version, its in "gmime/gmime-message.c"
Modifying the above file to keep the header as Mime-Version, resolved my other problem with domainkeys for that particular email.

I will be looking further into gmime testing over the next week.

Thank you.



----- Original Message ----
From: Aaron Stone <aaron [at] serendipity>
To: DBMail mailinglist <dbmail [at] dbmail>
Sent: Sat, October 17, 2009 2:10:30 PM
Subject: Re: [Dbmail] dbmail forwarding breaks emails signed by domainkeys

No apologies, that's a good find. How did you test the library? What
version of gmime are you working with?

Aaron


On Oct 17, 2009, at 2:03 PM, N Sj <namailsj [at] yahoo> wrote:

> I was able to further narrow down the problem to gmime (not dbmail),
> which changes "Mime-Version" to uppercase "MIME-Version" and its
> causing problems with domainkeys signed emails.
>
> I apologize for taking up everybody's precious time.
>
>
>
>
> ----- Original Message ----
> From: N Sj <namailsj [at] yahoo>
> To: dbmail [at] dbmail
> Sent: Thu, October 15, 2009 2:50:18 PM
> Subject: Re: [Dbmail] dbmail forwarding breaks emails signed by
> domainkeys
>
> diff of emails forwarded by dbmail and postfix shows that dbmail
> changes the "Mime-Version" to "MIME-Version" (upper-case MIME) and
> splits Content-Type in two lines, second line starting with a TAB
> before the boundary. Could this be enough to invalidate the
> domainkey signatures
>
> copy/pasting the diff below but email might not show the tabs or
> newline, so attaching it as a text file also.
>
> [mymail [at] mymai 7]# diff -c postfix_forward dbmail_forward
> *** postfix_forward 2009-10-15 14:25:45.000000000 -0700
> --- dbmail_forward 2009-10-15 14:25:41.000000000 -0700
> ***************
> *** 9,18 ****
> Reply-To: member [at] ebay
> To: XXX [at] XXX
> Subject: XXX thought you might like this item on eBay
> - Mime-Version: 1.0
> - Content-Type: multipart/alternative;
> boundary=1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
> X-eBay-MailTracker: 11030.637.0.50297
> X-eBay-MailVersionTracker: 637.10150400
>
> --1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
> Content-Type: text/plain;charset=ISO-8859-1
> --- 9,19 ----
> Reply-To: member [at] ebay
> To: XXX [at] XXX
> Subject: XXX thought you might like this item on eBay
> X-eBay-MailTracker: 11030.637.0.50297
> X-eBay-MailVersionTracker: 637.10150400
> + MIME-Version: 1.0
> + Content-Type: multipart/alternative;
> + boundary=1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
>
> --1922003599.1255638452226.JavaMail.SYSTEM.la-wconta003
> Content-Type: text/plain;charset=ISO-8859-1
>
>
>
>
> ----- Original Message ----
> From: N Sj <namailsj [at] yahoo>
> To: dbmail [at] dbmail
> Sent: Mon, October 12, 2009 8:38:31 AM
> Subject: [Dbmail] dbmail forwarding breaks emails signed by domainkeys
>
> I'm having problems when forwarding domaikeys (not DKIM) signed
> emails from dbmail to a mailserver (such as gmail) that checks for
> DomainKeys.
>
> ebay uses DomainKeys not DKIM for signing their emails, and Yahoo
> uses both domainkeys and DKIM, so the problem at this moment is only
> with ebay.
>
> From ebay site when I click on "share" an auction with a friend, it
> sends an email to an email-id on dbmail server which is configured
> to forward to an address at gmail.com but it fails.
> As I understand that dbmail forward opens a pipe to sendmail
> (sendmail command from postfix in this case) which re-writes the
> From address hence invalidating the email signed using domainkeys.
> Whereas if email is forwarded without interacting with dbmail such
> as using virtual_maps or .forward file, then postfix doesn't rewrite
> any of the headers and all the forwards work fine.
>
> I'm having a tough time figuring out a workaround to this problem so
> any help from anybody would be very much appreciated.
> Is there any other alternative pipe program that can be used to
> forward emails.
>
>
> Thanks
>
>
>
>
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>
>
>
>
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail




_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail

DBMail users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.