Skip to content

Expire message (incorrectly?) shown #336

New issue
New issue
Closed
Closed
Expire message (incorrectly?) shown#336
Assignees
lieser
Labels
enhancementImprovements or new features
Milestone
5.2.0
@exussum12

Description

@exussum12
exussum12
opened on Sep 12, 2022

dkim_verifier/modules/dkim/verifier.mjs.js

Lines 996 to 1001 in 5eb1112

const time = Math.round(Date.now() / 1000);
// warning if signature expired
if (this._header.x !== null && this._header.x < time) {
this._header.warnings.push({ name: "DKIM_SIGWARNING_EXPIRED" });
log.debug("Warning: DKIM_SIGWARNING_EXPIRED");
}

https://www.rfc-editor.org/rfc/rfc6376.html

x= Signature Expiration (plain-text unsigned decimal integer;
RECOMMENDED, default is no expiration). The format is the same as
in the "t=" tag, represented as an absolute date, not as a time
delta from the signing timestamp. The value is expressed as an
unsigned integer in decimal ASCII, with the same constraints on
the value in the "t=" tag. Signatures MAY be considered invalid
if the verification time at the Verifier is past the expiration
date. The verification time should be the time that the message
was first received at the administrative domain of the Verifier if
that time is reliably available; otherwise, the current time
should be used. The value of the "x=" tag MUST be greater than
the value of the "t=" tag if both are present.

This should probably use Delivery-date header first and fall back to current time ?

Metadata

Metadata

Assignees

Labels

enhancementImprovements or new features

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions