Scott Kitterman mentioned problems in some dkim implementations. By inspection I don't think pydkim is vulnerable to this but it would be nice to add a test. He asked that this be kept confidential for now.
----
I've recently become aware that there are potential problems with multiple
From addresses and DKIM. At least one vendor has modified their code to deal
with the problem of a message being DKIM signed with one From and then later
the bad guy adds a second from to the message and resends it. Since the
original From is still there, the signature still validates, but many MUAs
will display the second one leading to a case where users might be presented a
DKIM validates message and a From that isn't the one in the signature.
The solution is to make sure when you are canonicalizing the message include
all From headers and not just one. That way if a From is added, the signature
validation will fail.
I have not had time to check pydkim to see how it handles this. If I do, I'll
let you know. Since this is a protocol vulnerability, it will take some time
to get a coordinated resolution, so if you change things in the meantime,
please don't say you're doing it for security reasons.
Scott K
I would rate this Low priority, because we're probably not vulnerable.