Re: [Assp-user] ASSP and DKIM Signing

Wed, 31 Mar 2021 13:23:20 -0700 

Fixed that now.  I was working on wrapping in the DNS to get it to load.

Eric


> On Mar 31, 2021, at 3:11 PM, Dossy Shiobara <do...@panoptic.com> wrote:
> 
> 
> 
> On 3/31/21 12:57 PM, Eric Germann wrote:
>> [...]
>> In /usr/local/assp/dkim/dkimconfig.txt I have the following for my domain
>> 
>> [...]
>> 
>> My public key is published in the DNS for XXXX.com <http://xxxx.com/>.  I’ve 
>> verified it’s there by doing a "dig @nameserver dkim._domainkey.XXXX.com 
>> <http://domainkey.xxxx.com/> +short".  It matches what is in the DKIM 
>> generator.
> 
> You tried to obscure the domain name but you missed redacting it one place.  
> If that domain name is the actual one you're working with, then your DNS 
> entry is incomplete:
> 
> ```
> $ dig dkim._domainkey.semperen.com txt +short
> "v=DKIM1"
> ```
> 
> Compare that to the published DKIM key for my domain, panoptic.com:
> 
> ```
> $ dig default._domainkey.panoptic.com txt +short
> "v=DKIM1\; k=rsa\; 
> p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjlAjovTKKp1Nx74U4Atv4QEalKWvG0w6AwLLuecBLSwes2wi+C6ov9+LwaOPFRkM"
>  
> "yzpzRQkeAz26LsB3otCVpraSqsaNTkJkOi7BNrMeefQmMV7VETy9Q9bu9y62DYsnsQTJbyGigJzPZUOxRgFobZcNFO3ysIEbwHgau8dOkZMqBGL4dq2uHJTJsHmcdiE"
>  
> "y8X2DsHoRpg5M26YPuvsLRYS+7qzSAPaXzq42zNScL5a6KCqu2t77HFz0tw6kSL3NbzrErAjsXZR828Wky/BeguwgK1m8CM7VIcpc0vHoYscbl2glOw6PJIhFPkMKSa"
>  "50F0L9kMwGyfqVTUaE+KcEQIDAQAB"
> ```
> 
> Not sure if the lack of public key published in your DNS entry would result 
> in a "bad RSA signature" failure on validation, but there's no way to 
> validate the signature without your public key published properly.
> 
> HTH, HAND,
> 
> Dossy
> 
> -- 
> Dossy Shiobara         |      "He realized the fastest way to change
> do...@panoptic.com <mailto:do...@panoptic.com>     |   is to laugh at your 
> own folly -- then you
> http://panoptic.com/ <http://panoptic.com/>   |   can let go and quickly move 
> on." (p. 70) 
>   * WordPress * jQuery * MySQL * Security * Business Continuity *


_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user






















					Reply via email to