go-msgauth icon indicating copy to clipboard operation
go-msgauth copied to clipboard

Published 20 hours ago verified publisher icon emersion

DKIM t=s key flag not supported

Open AGWA opened this issue 4 years ago • 2 comments

When s is in a key's flags list, then:

Any DKIM-Signature header fields using the "i=" tag MUST have the same domain value on the right-hand side of the "@" in the "i=" tag and the value of the "d=" tag. That is, the "i=" domain MUST NOT be a subdomain of "d=". Use of this flag is RECOMMENDED unless subdomaining is required.

(RFC 6376 Section 3.6.1)

Currently, go-msgauth's DKIM verifier unconditionally allows the i= domain to be a subdomain of d=.

AGWA avatar Mar 15 '21 15:03 AGWA

Good catch. Patches welcome!

emersion avatar Mar 15 '21 15:03 emersion

issued a PR for this: #50

gowthamgts avatar Jul 31 '21 09:07 gowthamgts