Subject: | Confusing "message has been altered" |
Dear Jason Long,
Hi. This is imacat from Taiwan. I was debugging some problem about
DKIM verification failures from several real Yahoo mails. I got very
confused when I got this message:
imacat@rinse ~ % perl -mMail::DKIM::Verifier -e'my $dkim =
Mail::DKIM::Verifier->new; $dkim->load(*STDIN); print
$dkim->result_detail."\n"; print $dkim->message_sender->address."\n";' <
/home/imacat/tmp/email.eml
fail (message has been altered)
confirm-unbounce-1178825131-3975831-90537@yahoogroups.com
imacat@rinse ~ %
I tries again and again, until I found this line in Mail-DKIM-0.24
ChangeLog:
2006-10-12: Jason Long <jlong@messiah.edu>
...
* lib/Mail/DKIM/PublicKey.pm: change an error message from "headers have
been alterered" to "message has been altered" (if the headers have been
altered, we really cannot imply that the body is still intact)
So that may be some headers added by my other mail filters. I'm
still debugging my own issue.
But, isn't this quite confusing? For example, if I have to make 3
sequencial tests:
test 1 fails: tests failed.
test 2 fails: tests failed.
test 3 fails: 3rd test failed.
This does not make sense at all, for debuggers that are looking into
the problem of the failure.
I propose to rewrite this message as "headers have been altered,
body not verified", which is more informative and clear about the issue.
I made a simple patch below, in the hope that it helps. Please tell me
if you need any more information. Thank you.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
diff -u -r Mail-DKIM-0.24.orig/lib/Mail/DKIM/PublicKey.pm
Mail-DKIM-0.24/lib/Mail/DKIM/PublicKey.pm
- --- Mail-DKIM-0.24.orig/lib/Mail/DKIM/PublicKey.pm 2007-03-12
23:06:10.000000000 +0800
+++ Mail-DKIM-0.24/lib/Mail/DKIM/PublicKey.pm 2007-05-11
12:51:03.000000000 +0800
@@ -338,7 +338,7 @@
if (substr($verify_result, 0, $prefix_len)
eq substr($expected, 0, $prefix_len))
{
- - $@ = "message has been altered";
+ $@ = "headers have been altered, body not verified";
return;
}
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGQ/Zni9gubzC5S1wRAs11AKCrQgmR9xtRwzqTQHnImHbzf54bbwCgnvqJ
f2Z99zH/4Axg03vqp+AvS1o=
=ISg8
-----END PGP SIGNATURE-----