LEP/DKIMAuthenticatedMail

Not logged in - Log In / Register

DKIMAuthenticatedMail

Mail with a DKIM signature should be trusted similarly to GPG-signed mail. See bug 316272.

As a developer who uses Launchpad and gmail
I want Launchpad to trust mail from me without demanding a separate GPG signature
so that I can more easily send Launchpad commands to control bugs, reviews, etc

Many mail services now send Domain Keys Identified Mail giving reasonably strong authentication that the mail was sent by the domain it claims to have been sent by. This is typically attached without needing any action by the user.

Breaking news

As of (the next rollout after) 16 Sep 2011, DKIM will also be accepted if the Sender address in a validated account address. This should mean Launchpad will accept mail sent through gmail, even if you have a From address that's not at gmail, as long as you have validated your gmail address.

As of 13 Dec 2010, second-party DKIM is accepted for both creating new bugs and modifying existing bugs, but you must send mail with a From address in the signing domain. Specifically, if you are sending mail from gmail, you must use your @gmail.com address. Fixing this is bug bug 643223 and is the next step.

As of 20 September 2010, DKIM is accepted for changes to existing bugs. Because of bug 643219 it doesn't work for mail to new@. You must use the dkim-signed address (eg foo@gmail.com) as the From address. See bug 316272 for more.

To debug this on lpnet, look in /srv/launchpad.net-logs/scripts/loganberry/process-mail.log.

Rationale

Many of our users (50%?) use gmail, fastmail, yahoo mail, etc. This would make interaction with Launchpad somewhat easier with them.

This is not urgent: more like itch-scratching.

However, it may be easy to implement. There is already an IAuthenticatedMail interface in Launchpad, and there is already a pydkim library that tells whether a particular mail is authentic or not.

Stakeholders

Constraints

Subfeatures

Deployment steps:

  1. Just log the results of the check, without taking any other action: date, sender, message-id, dkim outcome
  2. Let this run for a while and then look at the logs.
  3. For a subset of users, start treating messages with valid signatures as authenticated and every other case as unauthenticated.
  4. Do this for all users, and announce it
  5. For a subset of users, start rejecting messages with invalid signatures, with an explanation of the problem (bearing in mind the message may well have been forged.)
  6. Ditto globally

Workflows

When Launchpad receives mail, it checks whether it is DKIM-signed. The results of this can be: valid, invalid, or inconclusive, not signed, or internal error.

Success

Bugs are at: https://bugs.edge.launchpad.net/launchpad-project/+bugs?field.tag=dkim

How will we know when we are done?

How will we measure how well we have done?

Thoughts?

Put everything else here. Better out than in.

References

LEP/DKIMAuthenticatedMail (last edited 2011-09-28 03:56:23 by mbp)