DKIM CVE and Amavis behavior

Quanah Gibson-Mount quanah at
Sat Oct 27 01:57:03 CEST 2012

Hi Mark,

There's been a lot of news recently about

I am curious to know if Amavis with DKIM verification enabled "does the
right thing" in relation to "test" DKIM keys and DKIM keys with a small bit
size (less than 1024).  I know opendkim just rev'd to 2.7.0 to take care of
the CVE.

Among the major changes in OpenDKIM 2.7.0:

o SECURITY: The library will now decline to generate a signature, or pass
  a valid signature, if the signing key is comprised of too few bits, thus
  being insecure.  The default is 1024.  This can be controlled through the
  API, and the setting can also be adjusted in the filter via the new
  "MinimumKeyBits" setting.

Also, there is this bit:

1) CWE-347: Improper Verification of Cryptographic Signature: DKIM
information is conveyed in an email header called a DKIM-Signature header
field. A Signer can indicate that a domain is testing DKIM by setting the
DKIM Selector Flag (t=) flag to t=y. Some verifiers accept DKIM messages in
testing mode when the messages should be treated as if they were not DKIM
signed. From RFC 6376:

t= Flags, represented as a colon-separated list of names (plain-
   text; OPTIONAL, default is no flags set).  Unrecognized flags MUST
   be ignored.  The defined flags are as follows:

   y  This domain is testing DKIM.  Verifiers MUST NOT treat messages
      from Signers in testing mode differently from unsigned email,
      even should the signature fail to verify.



Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::  the leader in open source messaging and collaboration

More information about the amavis-users mailing list