Option for ignoring Body Changes to avoid false warn/fail notifications

[Reiner030]

Hi,

with Office365 I see often on emails with attachment or mixed plain/html content (=> multipart mime emails) an DKIM warning by your addon while the headers show that incoming mail servers checked them without differences found:

e.g.:

Authentication-Results: spf=none (sender IP is 104.192.140.xxx)
 smtp.mailfrom=xxx.atlassian.net; xxx.de; dkim=pass (signature was
 verified) header.d=atlassian.net;xxx.de; dmarc=bestguesspass action=none
 header.from=xxx.atlassian.net;xxx.de; dkim=pass (signature was verified)
 header.d=atlassian.net;
Received-SPF: None (protection.outlook.com: xxx.atlassian.net does not
 designate permitted sender hosts)

and I think this comes from the header in each mail part like:

X-Microsoft-Exchange-Diagnostics:
    1;DB5PR05MB1880;9:U/ghKrNlfVTfaGXIqsRPpZaDYJBVZa6jX0+VZY/PD/GbbjxEORG3I8FpCDfVJ1qsP453FgpBDz1oeELphn5df7GYO534lcFxQMmFH+yP52gdiBn5z2QFXA3Ek05bmMqR9xGJ0m4A3h6D9hZYAgVLGMDREJB3F9PmS3RP9KYUIMk=

This is from TB debug log:

2016-06-06 01:05:09 DKIM_Verifier.Verifier  DEBUG   computed body hash: GGpM+dbOaW7Qw5i5bXW2To8mFc0J1+gZPWu7rOnOiY4=
2016-06-06 01:05:09 DKIM_Verifier.Verifier  WARN    DKIM_SIGERROR_CORRUPT_BH: DKIM Signatur Fehler: E-Mail wurde modifiziert (resource://dkim_verifier/helper.jsm:1:27) JS Stack trace: verifySignature@dkimVerifier.jsm:1015:1
2016-06-06 01:05:09 DKIM_Verifier.Verifier  DEBUG   Exception on DKIM-Signature 1

It would be nice if such header addition could be optionally ignored by e.g. one or multiple of these ideas:

• parameter field which email headers should be filtered out in email (mime-parts/bodies)
• notify body changes only as warning / full ignore?
• use found "Authentication-Results" only for verification in TB

[lieser]

The DKIM_SIGERROR_CORRUPT_BH error is caused by a modification of the e-mail body, and not not a problem in the headers. Adding a header can only cause a problem if the DKIM signature specially specifies that a certain header is not allowed to be added.

The server has no problem verifying the e-mails, because the modification happens afterwards. DKIM was never meant to be checked by the e-mail client, so thinks like this can happen. As you can see in the FAQ, Microsoft is not the only one doing so.

parameter field which email headers should be filtered out in email (mime-parts/bodies) As I already stated above, the headers are not the problem in the particular case you posted. Even if a header is causing the problem, it will be because it was modified. Simply ignoring the header is not possible in this case. I already tried ones to revert all changes done by Outlook.com, with are probably the same as in Office365. But I soon realized that some changes will be very hard to revert back, so I gave up. There still exist a hidden preference from this (extensions.dkim_verifier.error.contentTypeCharsetAddedQuotes.treatAs). Activating it may result in at lest a few more e-mails verifying without error.

notify body changes only as warning / full ignore? I think this would make any result pretty much worthless. So unless someone convinces me otherwise, I don't think this will be included.

use found "Authentication-Results" only for verification in TB This is already included in the Add-on.