From 135e949699b889c8c9088bb05f810d44adc74246 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Wed, 28 Jun 2017 15:25:12 +0100 Subject: DKIM: Enforce any "h" field present in the DNS publickey record. This can be set to require specific hash types, eg sha256, in signatues. There is an IETF draft in discussion which deprecates sha1 so this feature may start to be used. --- test/log/4500 | 3 +++ 1 file changed, 3 insertions(+) (limited to 'test/log/4500') diff --git a/test/log/4500 b/test/log/4500 index 0e0f8400d..ec8ef088e 100644 --- a/test/log/4500 +++ b/test/log/4500 @@ -10,3 +10,6 @@ 1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmaZ-0005vi-00 signer: test.ex bits: 1024 1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net +1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=test.ex s=ses_sha1 c=simple/simple a=rsa-sha1 b=512 [verification succeeded] +1999-03-02 09:44:33 10HmbA-0005vi-00 signer: test.ex bits: 512 +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net -- cgit v1.2.3