https://bugs.kde.org/show_bug.cgi?id=505459
Bug ID: 505459
Summary: Possible email modification after download from IMAP
may break DKIM
Classification: Frameworks and Libraries
Product: Akonadi
Version First 6.4.1
Reported In:
Platform: Arch Linux
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: IMAP resource
Assignee: kdepim-b...@kde.org
Reporter: benjamin.gira...@nebux.org
CC: c...@carlschwan.eu
Target Milestone: ---
SUMMARY
When syncing an IMAP account, it appears that emails are modified before being
stored. This observed issue is (at least) with CRLF being modified. With text
only emails, this alteration does not seem to prevent DKIM signature check from
passing. However, with a multi-part MIME body an extra space is introduced that
trigger a failed body hash check. More precisely, the emails I have have a
header that ends with two CRLF sequences (checked with okteta), and then the
string "This is a multi-part message in MIME format.". After syncing with
kmail, the stored email has two LF characters, a space, and then the string
above. Removing the space allows for a successful DKIM check.
All other CRLF sequences converted to LF do not seem to prevent DKIM checks
from passing, only the space is an issue.
I checked that this is likely not an issue with the IMAP server using
Thunderbird. The synced email were not altered there (CRLF kept, and no extra
space), and the synced emails pass DKIM checks.
STEPS TO REPRODUCE
1. Sync IMAP account
2. Check DKIM signature with a multipart MIME body
OBSERVED RESULT
Failed DKIM verification: body hash mismatch
EXPECTED RESULT
Passed DKIM verification
SOFTWARE/OS VERSIONS
Linux/KDE Plasma: ArchLinux
KDE Plasma Version: 6.3.5
KDE Frameworks Version: 25.04.1
Qt Version: 6.9.1
ADDITIONAL INFORMATION
--
You are receiving this mail because:
You are watching all bug changes.
