Hello,
again I struggled about the 8BITMIME SMTP-Extension. The RFC - initial
version published in 1993 -
is not as widely adopted as one may expect. In fact even largest
mailprovider do not announce 8BITMIME.
That forces any RFC conforming MTA to reject or convert the message
into valid 7-bit MIME
( https://tools.ietf.org/html/rfc6152#page-4 )
The problem occur in a usual combination of common software packages:
postfix and OpenDKIM.
OpenDKIM as signer is implemented as milter. A milter receive any
message postfix receive via smtpd.
so the simple mailflow for submission looks like this:
- MUA
- postfix smtpd announcing the 8BITMIME extension (default in postfix)
- OpenDKIM as Milter signing the message (add some header to the
message, leave the body unchanged)
- postfix queue
- postfix smtp client (responsible for remote delivery)
If the postfix smtp client handover the message to a server not
announcing 8BITMIME
postfix (smtp client?) convert the message into valid 7-bit MIME and
invalidate the DKIM signature just applied by OpenDKIM.
There are several option to avoid such signature invalidation:
* disable 8BITMIME on the smtpd the MUA use for submission.
It works usually but fail if the MUA *must* send 8-Bit MIME
content for any reason.
* disable 8BITMIME on *any* SMTPD an organisation is responsible.
It forces any remote host to convert 8-bit MIME messages send to
the organisation,
thus minimise the chance the MUA later would submit 8-bit messages.
But that also forces any other remote sender to convert the
message into valid 7-bit MIME
send *to* this organisation and trigger the initial problem on the
remote side.
* content-filter setup (with trivial Null filter)
- MUA
- postfix smtpd with content_filter=...
- postfix queue
- smtp client (convert the message into valid 7-bit MIME)
- smtpd with OpenDKIM milter as signer
- postfix queue
- postfix smtp client (responsible for remote delivery)
* set "disable_mime_output_conversion = yes"
All option don't satisfy me. I like to setup my submission and MX
smtpd to still support 8BITMIME extension
but also convert all submitted message into valid 7-bit MIME just
before OpenDKIM sign the message.
Are there any other options?
Thanks,
Andreas
