search

fastmail / mail-dkim

Mail::DKIM Perl module, forked from svn://svn.code.sf.net/p/dkimproxy/code/Mail-DKIM/trunk
7 stars 6 forks source link

extra space after"d="tag use ccTLD(.co.jp etc)domain #30

Closed kiyocat123 closed 6 days ago

kiyocat123 commented 1 week ago

The outgoing headers from the hogehoge-kk.com domain are respectively DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hogehoge-kk.com; It is correctly sent, but The outgoing headers from the hogehoge-kk.co.jp domain are respectively DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= hogehoge-kk.co.jp; which is one extra space after"d=".

If extra spaces are added to the d tag, some MTAs, such as outlook.com, may receive a DKIM fail decision.

kiyocat123 commented 1 week ago

Mail::DKIM Ver 202401 and202406 tested

kiyocat123 commented 1 week ago

I'm sorry. I found a point of misunderstanding and would like to correct it.

I mentioned that a space like "d= " would be inserted in the D tag when sent with a ccTLD. However, upon reviewing the original unencoded text, I found that it was not "d= domain name" but "d= newline tab domain name." This means that it is not related to whether it is a ccTLD or not, but that a long domain name causes a newline and a tab to be inserted after "d=." In other words, it was FWS rather than WSP as per RFC. Like WSP, FWS is also prohibited at the start and end of tag values.

marcbradshaw commented 6 days ago

From my reading of rfc6376 this is valid. FWS is allowed around the tag-value, and within the tag-value, but not at the beginning or end of the tag-value. 

   Formally, the ABNF syntax rules are as follows:

   tag-list  =  tag-spec *( ";" tag-spec ) [ ";" ]
   tag-spec  =  [FWS] tag-name [FWS] "=" [FWS] tag-value [FWS]
   tag-name  =  ALPHA *ALNUMPUNC
   tag-value =  [ tval *( 1*(WSP / FWS) tval ) ]
                     ; Prohibits WSP and FWS at beginning and end
   tval      =  1*VALCHAR
   VALCHAR   =  %x21-3A / %x3C-7E
                     ; EXCLAMATION to TILDE except SEMICOLON
   ALNUMPUNC =  ALPHA / DIGIT / "_"

   Note that WSP is allowed anywhere around tags.  In particular, any
   WSP after the "=" and any WSP before the terminating ";" is not part
   of the value; however, WSP inside the value is significant.

and later specifically detailing the d= tag

      sig-d-tag       = %x64 [FWS] "=" [FWS] domain-name
      domain-name     = sub-domain 1*("." sub-domain)
                        ; from [[RFC5321](https://datatracker.ietf.org/doc/html/rfc5321)] Domain,
                        ; excluding address-literal
kiyocat123 commented 6 days ago

Thanks a lot Marc Bradshaw. I understand ,[FWS] mean "invisible" around the tag-value(d tag).