[ietf-dkim] Updated implementation report
John R. Levine
johnl at iecc.com
Fri Oct 1 20:04:24 PDT 2010
>> If this is the #1 reason that verifications fail, would there be room
>> for a new canonicalization scheme, to improve verification rates?
Seems to me it would be more appropriate to add a note saying something
like be sure your headers are all RFC 5322 compliant before signing,
including arcana such as quoting rules in address fields, to avoid
signature failures due to helpful relay MTAs fixing the quoting errors on
the way through.
As far as figuring out who's doing what, it's hard to think of anything
better than running a bunch of deliberately marginal messages through a
variety of MTAs and see what happens. A couple of years ago I set up a
forwarding project, in which I asked people to set up different MTAs to
forward mail back to me, just so we could find out about this kind of
stuff. The code has suffered severe bit rot but if people really wanted
to use it, I could probably resuscitate it.
More information about the ietf-dkim