DOMAINKEY Signature in SmarterMail Still Uses SHA1 - Needs to be Upgraded
Problem reported by Bruce Barnes - 5/10/2015 at 1:46 PM
Submitted
 
Given the fact that both Microsoft and US Cert have depreciated SHA1, it is imperative that SmarterMail updates the SHA1 key used to generate DOMAINKEY signatures to use SHA256. 
 
The effective date, announced on 12 November, 2013, is 1 January, 2016, just over six months from now.

While Google will accept SHA1 based certificates until the end of 2016, Microsoft will completely depreciate SHA1 based certificates in April, 2016
 
See: http://blogs.technet.com/b/pki/archive/2013/11/12/sha1-deprecation-policy.aspx, which states:

"Today Microsoft has announced a new policy for Certificate Authorities (CAs) that deprecates the use of the SHA1 algorithm in SSL and code signing certificates, in favor of SHA2. The policy affects CAs who are members of the Windows Root Certificate Program who issue publicly trusted certificates.  It will allow CAs to continue to issue SSL and code signing certificates until January 1 2016, and thereafter issue SHA2 certificates only."


Qualys Security Labs, via their blog, at: https://community.qualys.com/blogs/securitylabs/2014/09/09/sha1-deprecation-what-you-need-to-know, states:

The news is that SHA1, a very popular hashing function, is on the way out. Strictly speaking, this development is not new. The first signs of weaknesses in SHA1 appeared (almost) ten years ago. In 2012, some calculations showed how breaking SHA1 is becoming feasible for those who can afford it. In November 2013, Microsoft announced that they wouldn't be accepting SHA1 certificates after 2016.

Shown below is the header information from a SmarterMail 13.4.5603 transaction showing that DOMAINKEYS are still generated with SHA1.

 Return-Path: <smartermailtest@REDACTED.com>
Received: from server.REDACTED.com (server.REDACTED.com XXX.XXX.198.67]) by securemail.chicagonettech.com with SMTP
	(version=TLS\Tls
	cipher=Aes256 bits=256);
   Sun, 10 May 2015 15:02:28 -0500
X-SmarterMail-Authenticated-As: smartermailtest@REDACTED.com
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns;
        d=REDACTED.com; s=secure;
        h=received:from:to:subject:date:reply-to:message-id:mime-version
          :content-type:x-originating-ip;
        b=sEiA58U6oVAoGb0W6rSEaGf2D1FavpOXwdP+aGYDTxzGnC8obfu9YgRrrmzn6ELJw
          OAGcOXTXT5J4eCgO/xKBwDNqOp0W9JMfVRznrU94bOXiyu3WJ+ZCcGe7+JVwAGZx+
          HJnKeEBq6x5vNnOREfnu1E+Xz4ET2zoTYyL4B3SumTTjy54zJYYYlH9tcBaUvEXu5
          6smlfDMX6VXTxiEPXOxzeoQIycfebLtAqdSns4CLbl5rzVwas5UZxT7c2L9yZKhLu
          /EltltfqcF1Bt+PgK4PD8/Ga+f39OHMEMdD6xxHb9CMSSsCOBWeBQT1LNVCe2JBFZ
          AbcqzvQqZrpzK1Lvw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=REDACTED.com; s=secure;
        h=x-originating-ip:content-type:mime-version:message-id:reply-to
          :date:subject:to:from;
        bh=o1o/WcZFGHwKZGad8xSO5Y5OvMdperW4N/Oi1ZWJdxQ=;
        b=DhMxl61olhsLzY/U/trHjRNhz7n7+5fhcEQRCf4sOam9Uhv5NSqfngw/NXYBeSKU8
          04eSnOeZIvWOa7HzueyLXshbzj6pqv23qCOz8mnROmNmcqnc8JskT7UWG1pPPLrJL
          p0okImWxxqnigoukhJZjUYuuYJY16PZOdnU9enKC6Q4s+BEUT3tL09vhZ66OCk57s
          FhKQpZ/sxeZ0emAP2LqZeOy07g4YWWIJP1K7vdHmEl/gU583sPcjAocmTBOQ2ptVT
          4fJK1xmqpYZaIQ6q/FvWZcMi8L1zpyKcU993S2LUDodRj4uYX/DI8fTO40LXtslyv
          jf148UnXDWnmR0sAw==
Received: by server.REDACTED.com via HTTP;
	Sun, 10 May 2015 16:02:17 -0400
From: "SmarterMail DomainKey Test Account" <smartermailtest@REDACTED.com>
To: <mailtest@unlocktheinbox.com>
Subject: MailTest REDACTED.com 201505100150219
Date: Sun, 10 May 2015 16:02:17 -0400
Reply-To: smartermailtest@REDACTED.com
Message-ID: <a5d755234c1f4c5995be9c058524a468@REDACTED.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=1f719ff854ef4371b15d61ea7f201347
X-Originating-IP: [173.165.112.149]
X-Rcpt-To: <bbarnes@chicagonettech.com>
X-SmarterMail-Spam: SPF_Pass, Message Sniffer 0 [code:0], DK_Pass, DKIM_Pass
X-MessageSniffer-ResultCode: 0
X-SmarterMail-TotalSpamWeight: 0
 
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting

5 Replies

Reply to Thread
1
Scarab Replied
I thought that DomainKeys was deprecated as of STD76 which made RFC 4871 and RFC 5672 obsolete. This means that DKIM-Signature is the current standard and that DomainKey-Signature is retained in SmarterMail v13 only for historical purposes and backwards compatibility with older MTAs that have not yet been updated to the STD76 standard. Although the DKIM-Signature must be written in SHA256 the new standards states that MTAs must verify both SHA1 and SHA256 signatures until the time comes that DomainKey-Signatures are no longer utilized.

So if DomainKeys-Signatures is essentially dead is there a need to update an obsolete and deprecated format? Although I am sure there will be old MTAs that will still check for this signature and verify them as opposed to looking at the DKIM-Signature, but if they aren't upgrading their MTA to use DKIM-Signatures it is doubtful they are upgrading their MTAs to tombstone SHA1 which in the interim is allowed until no one is using DomainKey-Signatures any longer. 
0
Brian Ellwood Replied
I would argue the case of securing everything that can be secured.

Unless they remove domainkeys from the system it should be kept current and secured.
0
Bruce Barnes Replied
Since Google is still recommending that DomainKeys be used to support authentication, pursuant to: https://support.google.com/a/answer/174124, citing the DKIM standard, linked via, http://www.dkim.org/, in the article originally referenced, I seriously doubt we will see DomainKeys go away any time soon.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Scarab Replied
Bruce,

DKIM does not equal DomainKeys. DomainKeys is the obsolete and deprecated method (a draft devised by Yahoo back in 2007). Whereas DKIM is the official IETF replacement and the only format STD76 compliant MTAs should be using going forward since Sept 2011. The Google Support article you quoted refers to DKIM which SmarterMail is implementing correctly with SHA256. It makes no reference of DomainKeys because no one should be using DomainKeys going forward (with the exception of those 10 year old MTAs sitting in Cable Internet Providers' basements), although for those rare cases STD76 requires backwards compatibility reading and verifying of the obsolete and deprecated DomainKeys using both SHA1 and SHA256. Even though SHA1 should no longer used for CAs, until the IETF decides to revise STD76 and drop backwards compatibility to DomainKeys all MTAs should be accepting SHA1 for DomainKeys when they are still used.

Really the proper course of action for SmarterMail wouldn't be to upgrade DomainKeys to SHA256 but to disable DomainKeys signing altogether on outgoing mail and only read and verify signatures on incoming emails that are still using it.

We already manually disabled DomainKey signing on all domains some time back and are only using DKIM signing, according to industry standards.
0
Scarab Replied
Valid point. Really the proper course of action for SmarterMail wouldn't be to upgrade DomainKeys to SHA256 but to disable DomainKeys signing altogether on outgoing mail and only read and verify DomainKey signatures on incoming emails that are still using it. The only option for signing of outgoing mail should be DKIM which is already using SHA256 in Smartermail.

Reply to Thread