Hi Maxim,
On 15/12/2023 15:15, Maxim Galaganov wrote:
> On 15.12.2023 16:56, Matthieu Baerts wrote:
>> Hi Maxim, Mat,
>>
>> On 11/12/2023 13:03, Maxim Galaganov wrote:
>>> Support useful sockopts that allow fine control over ephemeral port
>>> usage.
>>>
>>> v3:
>>> - Change patch 2/3 with regards to commit d9f28735af87 ("Use
>>> READ/WRITE_ONCE() for IP local_port_range.")
>>> - Drop Mat's Reviewed-By tag in patch 2/3 because of changes
>>
>> Thank you for the patches and the reviews!
>>
>> Please note that 'b4' is telling me that your emails are not properly
>> signed by your SMTP server:
>>
>> BADSIG: DKIM/internet.ru
>>
>> That's not blocking here, but it could be a sign someone is trying to
>> forge the sender address.
>
> This is because of DKIM expiration (DKIM-Signature header contains t=
> and x= tags, that make signature invalid after some time). It is
> reasonably effective to prevent DKIM replay attacks, also can be done by
> rotating DKIM selectors (gmail does that, IIRC).
>
> Running b4 with -d flag tells:
> DKIM: x= value is past (b'1702386232')
>
> Otherwise header and body hashes should verify OK here..
Thank you for having checked that! I already saw that before [1], but I
forgot about that!
[1]
https://lore.kernel.org/tools/ddeefd4d0323df0948565fea2ffb55793fdcc8dc@linux.dev/
Cheers,
Matt
--
Sponsored by the NGI0 Core fund.