ARC sign "AuthenticationResultsHeader.parse" should not be responsible for invalid headers
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dkimpy |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Hi,
Sorry if the title is misleading, I couldn't find a proper way to explain the situation:
In some case, we receive an email that already contains a "Authentication
> Authentication-
or this :
> {redacted}.com; dkim=none (message not signed) header.
(notice the header.
In this case, the method ARC.sign (around line 953) will throw an error at :
```
grouped_headers = [(res, AuthenticationR
```
Because that header is invalid.
I believe that in this case, it should just be ignored. If this header is needed, the `auth_headers` will then be empty and no ARC seal will be generated.
Otherwise, and this is the case here, the invalid AR header will be ignored, but ours, which is valid, will still be included and work as intended with a generated ARC signature.
Hope this makes sense.
Changed in dkimpy: | |
milestone: | none → 1.0.5 |
Changed in dkimpy: | |
status: | Triaged → Fix Committed |
Changed in dkimpy: | |
status: | Fix Committed → Fix Released |
It does make sense. Thanks.