resending bounces: DKIM and Message-ID:

[Greg Troxel <gdt@lexort.com>]

I found a behavior problem that I think is a bug in both gnus and
opendkim.  Headers that are supposed to be added by the originating MTA
are not removed, so the resent message has odd content: duplicate DKIM
header, and the same Message-ID:

My system in NetBSD 9 amd64 with emacs 28.2, but I don't think that's
particularly important.

Reproduction Recipe:

  - send a message to a mailing list that you are not subscribed to, so
    that it will bounce, and CC: an actual person
  - subscribe to the list and confirm
  - In the summary at the bounce, S D b (gnus-summary-resend-bounced-mail)
  - In the resulting message buffer, C-c C-c (realizing or not realizing
    that the actual person will get a second copy)

This seems to me to be a normal sequence of events, and I'm here because
it actually happened.  It was a discussion of DKIM/DMARC configuration
for mailman, so the person in the CC: got two copies and actually
noticed that there were two DKIM headers from my domain.


The problem is that the message that is sent has two DKIM headers.  This
is because the one that was added by the MTA on the way to the
mailinglist is present because it was in the bounce, and then opendkim
added a new one, because it just adds.

But also, the Message-ID: was generated for the first message, and the
that is reused.  That seems also like a bug.


The proposal is to fix this by:

  * in gnus
    - adding a list of headers which should be removed from bounce
      messages when doing gnus-summary-resend-bounced-mail
    - set the list to Message-ID and DKIM-Signature to start with

  * in opendkim
    - adjust to remove DKIM-Signature from matching d=
      See https://sourceforge.net/p/opendkim/bugs/283/

To make this report properly lispy, I have intentionally typod the list
by sending to ding2@ instead, and will include the headers from the
bounce resend buffer in the body.

Greg
(end of first message)

Content of headers in *unsent-bounce* after S D b:

  DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=lexort.com; s=mail;
          t=1699014219; bh=eeB1OL0c0u2+SOWzRtNCVlH+oCKEc2vYsqRGp4ZsUk0=;
          h=From:To:Subject:Date;
          b=TtTS6faBNmfjVMi3VmqAOjsnMjefzbuHrU2yJFTEYuaHMMDQr9lY8j2uAKQHn1bYR
           g3VmgRP/gkkm0cYU5cGj/Oazk+ooWC+qxghvnXo+0/iDxNdhfgSVQi0k79VSvNlbLP
           S/l11R1Yf2mk2Ga02Nx/+K3AVxATm17MKh8AcLHc=
  From: Greg Troxel <gdt@lexort.com>
  To: ding2@gnus.org
  Subject: resending bounces: DKIM and Message-ID:
  OpenPGP: id=098ED60E
  Date: Fri, 03 Nov 2023 08:23:39 -0400
  Message-ID: <rmi34xn2fg4.fsf@s1.lexort.com>
  User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (berkeley-unix)
  Gcc: nnfolder+archive:sent.2023-11

showing both DKIM-Signature and Message-ID.  Because I have changed the
To: the original signature will be invalid.

I have edited the To: and am about to type C-c C-c.

(end of second message)