opendkim generates an invalid signature if a header is folded just after the header name

Bug #1857618 reported by Msd
Affects: opendkim (Ubuntu)
Status: Invalid
Importance: Undecided
Assigned to: Unassigned

Bug Description

opendkim generates an invalid signature if a header is folded just after the header name.

Expected: the email is correctly signed.

Actual: the signature is invalid.

How to reproduce? Send the email below, replacing "example.com" with a valid DKIM-signed domain. I used Postfix to send the email.

Here is a source .eml email that opendkim will fail to sign correctly:

```
From: <email address hidden>
To: <email address hidden>
Subject:
 Folding_White_Space_and_too_long_subject_aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Test
```

opendkim generates an invalid signature for this email because of the folding white space in the "Subject:" header.

The signature is valid if the "Subject:" header is written on one line:

```
Subject: Folding_White_Space_and_too_long_subject_aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
```

Ubuntu 18.04.3 LTS
opendkim : 2.11.0~alpha-11build1

---

This bug occurs for all headers signed by opendkim (not only with "Subject:").

This syntax seems valid. At least Gmail, Outlook and Thunderbird display the subject correctly.

https://www.ietf.org/rfc/rfc5322.txt:

> Unfolding is accomplished by simply removing any CRLF
> that is immediately followed by WSP. Each header field should be
> treated in its unfolded form for further syntactic and semantic
> evaluation. An unfolded header field has no length restriction and
> therefore may be indeterminately long.

Gmail and opendkim itself consider the signature invalid.

opendkim:

```
Authentication-Results: xxx.example.com (amavisd-new); dkim=fail (2048-bit key)
 reason="fail (message has been altered)" header.d=example.com
 header.b=ABCDEF;
```

Gmail:

```
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail <email address hidden> header.s=xxxxxxx header.b="a/aaaaaa";
```

Revision history for this message
David Bürgin (glts) wrote :

My OpenDKIM installation (2.11.0~alpha-11build1 on Ubuntu 18.04 Server)
can sign your message, and produces a valid signature.

Perhaps some other component at your site or in transit is altering the
folding or line terminators? Anything unusual about your system and
configuration? Perhaps try setting Canonicalization to ‘relaxed/relaxed’
and see if the verification result changes
(https://tools.ietf.org/html/rfc6376#section-3.4.2)?

Revision history for this message
Msd (msd+launchpad) wrote :

Hello David,

Thank you for your quick reply.

I attached a PHP script (bug_21857618.php) to reproduce the issue.

You can run it with `php bug_21857618.php <email address hidden> 0` to get an invalid DKIM signature.
You can run it with `php bug_21857618.php <email address hidden> 1` to get a valid DKIM signature.

Just replace <email address hidden> with a valid DKIM-signed domain.

Look at the way "Subject:" is written in both cases.

Here is my opendkim conf file:

```
# cat /etc/opendkim.conf
Syslog yes
LogResults yes
LogWhy yes
UMask 007
Socket local:/var/run/opendkim/opendkim.sock
PidFile /var/run/opendkim/opendkim.pid
OversignHeaders From
TrustAnchorFile /usr/share/dns/root.key
UserID opendkim
KeyTable /etc/mail/KeyTable
SigningTable /etc/mail/SigningTable
Mode s
SubDomains yes
MultipleSignatures yes
InternalHosts refile:/etc/mail/InternalHosts
Socket inet:8891@localhost
```

I tried the PHP script on a Debian 8 server with this simplified config file and the problem is present there too:

```
# cat /etc/opendkim.conf
Syslog yes
UMask 002
KeyTable /etc/mail/KeyTable
SigningTable /etc/mail/SigningTable
OversignHeaders From
```

If you can't reproduce the case, I would be interested if you could send me a valid DKIM-signed email with the folded "Subject:" header.

---

> Perhaps some other component at your site or in transit is altering the
> folding or line terminators? Anything unusual about your system and
> configuration?

I tried on multiple servers (Ubuntu 18.04, Ubuntu 16.04, Debian 8) and the problem is present on all of them.

> Perhaps try setting Canonicalization to ‘relaxed/relaxed’
> and see if the verification result changes

I haven't tried this, but I only change the "Subject:" header slightly: one version gives a valid DKIM signature and the other an invalid one. I don't think this will solve the issue, or if it does, I don't understand why.

Thank you again for your reply and your tests to reproduce the problem,

Guillaume

```
# dpkg -l | grep opendkim
ii libopendkim11 2.11.0~alpha-11build1 amd64 Library for signing and verifying DomainKeys Identified Mail signatures
ii opendkim 2.11.0~alpha-11build1 amd64 Milter implementation of DomainKeys Identified Mail
# dpkg -l | grep postfix
ii postfix 3.3.0-1ubuntu0.2 amd64 High-performance mail transport agent
# dpkg -l |grep php-cli
ii php-cli 1:7.2+60ubuntu1 all command-line interpreter for the PHP scripting language (default)
# cat /etc/postfix/main.cf | grep milter
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
```

Revision history for this message
David Bürgin (glts) wrote :

I don’t use PHP but if you publish an email address on your Launchpad
profile I can send you a test email.

Two quick observations:
* Note that you are folding the line not immediately after ‘Subject:’,
  there is a trailing space character.
* One other thing I see (don’t think it’s relevant here):
  milter_protocol = 2
  Do not set this! This setting is obsolete, it can only hurt. Always
  use the latest milter protocol, 6 (the default setting).

Revision history for this message
Msd (msd+launchpad) wrote :

> * One other thing I see (don’t think it’s relevant here):
> milter_protocol = 2
> Do not set this! This setting is obsolete, it can only hurt. Always
> use the latest milter protocol, 6 (the default setting).

I don't know why, but changing to `milter_protocol = 6` solves the problem.

The e-mail is well DKIM-signed.

Thanks!

Revision history for this message
Msd (msd+launchpad) wrote :

> * Note that you are folding the line not immediately after ‘Subject:’,
> there is a trailing space character.

I think it is normal, because I want a space between "Subject:" and "Folding_White_Space_and_too_long_subject_aaa..." when the header is unfolded.

> Unfolding is accomplished by simply removing any CRLF
> that is immediately followed by WSP.

Thanks again.

Revision history for this message
David Bürgin (glts) wrote :

> I don't know why, but changing to `milter_protocol = 6` solves the problem.

Ah, excellent. Good luck!

Changed in opendkim (Ubuntu):
status: New → Invalid
Revision history for this message
Msd (msd+launchpad) wrote :

https://marc.info/?l=postfix-users&m=157746682807997&q=mbox

>> It works fine with `milter_protocol = 6`.
>
> Which is the default value.
>
> Milter protocols versions < 6 don't support the SMFIP_HDR_LEADSPC
> feature. This feature was introduced with Sendmail 8.14, and is
> needed to correctly preserve the leading whitespace of a header
> field value.
>
> Wietse
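
The three threads of this report (the folded header in the description, David's suggestion to try relaxed canonicalization, and Wietse's explanation that milter protocol versions below 6 drop the leading whitespace of a header value) can be tied together with a small model. The following is an added example written for this page; it is not OpenDKIM, Postfix or libmilter code. It implements the RFC 5322 unfolding rule quoted in the report and the "simple" and "relaxed" header canonicalizations of RFC 6376 sections 3.4.1 and 3.4.2, then checks whether the header the signer hashed still matches the header a verifier sees in the delivered message. The Subject value, the number of trailing "a" characters, and the single-line form used as the signer's view (modelling a milter that never received the leading whitespace) are constructed assumptions, not values taken from the reporter's script.

```python
"""Why a folded header can verify differently from an unfolded one under DKIM.

Added example for this bug thread; not OpenDKIM, Postfix or libmilter code.
"""
import hashlib
import re

# Constructed inputs: the Subject: header of the reporter's test message in
# its two forms (the count of trailing "a" characters is arbitrary here).
SUBJECT_VALUE = "Folding_White_Space_and_too_long_subject_" + "a" * 57
# Folded right after "Subject:", keeping the trailing space the reporter
# used so that the unfolded value is separated from the field name.
FOLDED = "Subject: \r\n " + SUBJECT_VALUE + "\r\n"
# The same header written on one line, which the reporter says signs fine.
ONE_LINE = "Subject: " + SUBJECT_VALUE + "\r\n"

# Assumption modelling Wietse's explanation: a milter on protocol version < 6
# does not receive the leading whitespace of the header value, so the signer
# hashes "Subject: <value>" on one line while the message that actually
# leaves the MTA still carries the fold.
SIGNER_VIEW_WITHOUT_LEADSPC = ONE_LINE


def unfold(header: str) -> str:
    """RFC 5322 section 2.2.3: remove every CRLF immediately followed by WSP."""
    return re.sub(r"\r\n(?=[ \t])", "", header)


def simple_header(header: str) -> str:
    """RFC 6376 section 3.4.1: the header is hashed exactly as it appears."""
    return header


def relaxed_header(header: str) -> str:
    """RFC 6376 section 3.4.2: lowercase the field name, unfold, collapse
    runs of WSP to a single SP, drop WSP around the colon and at the end of
    the value, and terminate with CRLF."""
    line = unfold(header).rstrip("\r\n")
    name, _, value = line.partition(":")
    name = name.rstrip(" \t").lower()
    value = re.sub(r"[ \t]+", " ", value).strip(" \t")
    return f"{name}:{value}\r\n"


def header_hash(canonical: str) -> str:
    """SHA-256 over the canonicalized header bytes (the rsa-sha256 input)."""
    return hashlib.sha256(canonical.encode("ascii")).hexdigest()


def signature_survives(signer_view: str, delivered: str, canon) -> bool:
    """True when signer and verifier hash identical bytes for this header,
    i.e. a signature covering it still verifies after delivery."""
    return header_hash(canon(signer_view)) == header_hash(canon(delivered))


def report() -> dict:
    """Per canonicalization: does the folded header still verify when the
    signer saw the value without its leading whitespace?"""
    return {
        "simple": signature_survives(SIGNER_VIEW_WITHOUT_LEADSPC, FOLDED, simple_header),
        "relaxed": signature_survives(SIGNER_VIEW_WITHOUT_LEADSPC, FOLDED, relaxed_header),
    }


if __name__ == "__main__":
    for canon, ok in report().items():
        print(f"{canon:8s} canonicalization: {'verifies' if ok else 'FAILS'}")
    print("relaxed form of the folded header:", repr(relaxed_header(FOLDED)))
```

Under simple canonicalization (OpenDKIM's default) the signer's single-line view and the delivered folded header hash to different values, which is the "message has been altered" result in the report; under relaxed canonicalization both reduce to the same `subject:Folding_...` line, which is why David's relaxed/relaxed suggestion would have hidden the symptom without addressing the lost whitespace. Fixing the milter protocol version, as the thread concludes, makes the signer hash the header as it is actually delivered, so the comparison holds under either canonicalization.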
