Full Disclosure mailing list archives

Email Security

From: "Gary E. Miller" <gem () rellim com>
Date: Thu, 29 Dec 2005 17:16:36 -0800 (PST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo All!

Sorry to actually talk about security here, but this has been bugging
me for a while.  Check out the headers in the email I just got from
this list below.

Pay particular attentiom to this header that shows gmail signed the
original message:

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
    h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:conte
    nt-type:references;
    b=CQy5RMmQmeDJoDvXBSoE3v/YxxeBPc4IA6LVT/GgWBA2oLOCW3GXWm+u/I4MT2v8LxpcJj3ntc
    6F4bOTORFK7BTPZKPL/QzFEydGmzcpN/4MO+myrzc8GgDTCliPpNH0TvhdPunxVMHqSMSHaMkdJq
    pXnHYohxyCQY/bmx5Mc/I=


Now notice this one that shows the signature failed after going through
full-disclosure:

Authentication-Results: catbert.rellim.com from=zoidenator () gmail com;
    domainkeys=fail (testing)

Is there any way to get the list fixed so that DomainKeys signing is
not being corrupted?  I know this is non-trivial but if we can't
figure it out then no mere mail admin has a chance....

It seems to me that gmail included the sbject in the resultant hash
and the [full-disclosure] tag added to the subject changes the hash.

Not sure what the proper workaround is, but I think the mailing list
is supposed to rehash the whole thing.

DomainKeys is not an RFC yet, but it will be soon.  We gotta do
something about the flood of spam.  My spamfilter caught 11k+ spam just
last weekend on just my persoanl account....

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
        gem () rellim com  Tel:+1(541)382-8588 Fax: +1(541)382-8676

- ---------- Forwarded message ----------
Return-Path: <full-disclosure-bounces () lists grok org uk>
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on catbert.rellim.com
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE
    autolearn=disabled version=3.1.0
Received: from lists.grok.org.uk (lists.grok.org.uk [195.184.125.51])
    by catbert.rellim.com (8.13.5/8.13.5) with ESMTP id jBU10Smm010801
    for <gem () rellim com>; Thu, 29 Dec 2005 17:00:29 -0800
Authentication-Results: catbert.rellim.com from=zoidenator () gmail com;
    domainkeys=fail (testing)
Received: from lists.grok.org.uk (localhost [127.0.0.1])
    by lists.grok.org.uk (Postfix) with ESMTP id CE3771216;
    Fri, 30 Dec 2005 01:00:20 +0000 (GMT)
X-Original-To: full-disclosure () lists grok org uk
Delivered-To: full-disclosure () lists grok org uk
Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.196])
    by lists.grok.org.uk (Postfix) with ESMTP id 401DA10B1
    for <full-disclosure () lists grok org uk>;
    Fri, 30 Dec 2005 00:59:57 +0000 (GMT)
Received: by zproxy.gmail.com with SMTP id 9so1795752nzo
    for <full-disclosure () lists grok org uk>;
    Thu, 29 Dec 2005 16:59:56 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
    h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:conte
    nt-type:references;
    b=CQy5RMmQmeDJoDvXBSoE3v/YxxeBPc4IA6LVT/GgWBA2oLOCW3GXWm+u/I4MT2v8LxpcJj3ntc
    6F4bOTORFK7BTPZKPL/QzFEydGmzcpN/4MO+myrzc8GgDTCliPpNH0TvhdPunxVMHqSMSHaMkdJq
    pXnHYohxyCQY/bmx5Mc/I=
Received: by 10.36.145.5 with SMTP id s5mr1037764nzd;
    Thu, 29 Dec 2005 16:59:56 -0800 (PST)
Received: by 10.36.126.1 with HTTP; Thu, 29 Dec 2005 16:59:56 -0800 (PST)
Message-ID: <528287c00512291659v6dcf9c96oe287e91de4fcc601 () mail gmail com>
Date: Thu, 29 Dec 2005 16:59:56 -0800
From: zap zoid <zoidenator () gmail com>
To: Paul Schmehl <pauls () utdallas edu>
Subject: Re: [Full-disclosure][WAY OFF TOPIC] complaints about the governemnt
    spying!
In-Reply-To: <19FCE90EEB407BAC88999768@Paul-Schmehls-Computer.local>
MIME-Version: 1.0
References: <1135789711.14793.47.camel@shadrack>
    <1135865083.2592.42.camel@shadrack>
    <200512291905.jBTJ5NRC021215 () turing-police cc vt edu>
    <E75E8EE8316F6AAF8E24901D@Paul-Schmehls-Computer.local>
    <43B441CB.5030803 () csuohio edu>
    <93747441963ABE231995C0C2@Paul-Schmehls-Computer.local>
    <43B459FB.4060200 () sdf lonestar org>
    <cd8f1f1e0512291419p48f7da63o () mail gmail com>
    <cd8f1f1e0512291421t76289f2t () mail gmail com>
    <19FCE90EEB407BAC88999768@Paul-Schmehls-Computer.local>
Cc: full-disclosure () lists grok org uk
X-BeenThere: full-disclosure () lists grok org uk
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: An unmoderated mailing list for the discussion of security issues
    <full-disclosure.lists.grok.org.uk>
List-Unsubscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>,
    <mailto:full-disclosure-request () lists grok org uk?subject=unsubscribe>
List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure>
List-Post: <mailto:full-disclosure () lists grok org uk>
List-Help: <mailto:full-disclosure-request () lists grok org uk?subject=help>
List-Subscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>,
    <mailto:full-disclosure-request () lists grok org uk?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0004594307=="
Sender: full-disclosure-bounces () lists grok org uk
Errors-To: full-disclosure-bounces () lists grok org uk

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDtIp48KZibdeR3qURAk0AAJ9UJMM7nGKRRpOfJatvm4wRak7EewCg8gs7
3/jpr0BxvOLw6agbjzYfebQ=
=wcHt
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Current thread:

Email Security Gary E. Miller (Dec 29)
- Re: Email Security Nick FitzGerald (Dec 29)
  - Re: Email Security Gary E. Miller (Dec 29)