Don't look for X-DKIM-Authentication-Results headers (!51) · Merge requests · The Tor Project / Anti-censorship / BridgeDB

meskio requested to merge meskio/bridgedb:remove_dkim_authentication_header into main Dec 13, 2022

opendkim produces 'Authentication-Results' header to indicate if the dkim signature is valid, but nothing in our current infraestructure produces or reads X-DKIM-Authentication-Results. Check only for 'Authentication-Results' so an attacker will not be able to fake an email without really comming from an authorized provider.

Don't look for X-DKIM-Authentication-Results headers

Merge request reports