On Mon 29/Jul/2013 09:12:12 +0200 I wrote:
> On Fri 26/Jul/2013 22:08:58 +0200 Anders wrote:
>>
>> By chance I compared the dkim=fail against what SpamAssassin said:
>>
>> ====== courier log
>>
>> Jul 26 21:45:47 e350 courierfilter:
>> zdkimfilter[12888]:id=0000000000C804FC.0000000051F2D1E6.00003235:
>> verified: dkim=fail (id=@dkim-reputation.org, body hash mismatch,
>> stat=1) rep=0
>>
>> ====== SpamAssassin log
>>
>> Jul 26 21:45:43 e350 spamd[19824]: spamd: processing message
>> <5873b4b23ff3d57de56472c8c0240...@www.dkim-reputation.org> for mail:8
>> Jul 26 21:45:47 e350 spamd[19824]: spamd: clean message (1.8/5.0)
>> for mail:8 in 3.8 seconds, 14419 bytes.
>> Jul 26 21:45:47 e350 spamd[19824]: spamd: result: . 1 -
>>
>> BAYES_50,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HTML_IMAGE_ONLY_16,HTML_MESSAGE
>>
>> scantime=3.8,size=14419,user=mail,uid=8,required_score=5.0,rhost=e350.lan.lechevalier.se,raddr=127.0.0.1,rport=48478,mid=<5873b4b23ff3d57de56472c8c0240...@www.dkim-reputation.org>,bayes=0.499952,autolearn=no
>
> That's an unusual result. It might happen that a message gets
> corrupted, an subsequent verifications fail. The other way around is
> very unlikely.
>
>> What does body hash mismatch mean? Perhaps there are some headers not
>> checked by SA but are checked with zdkimfilter?
>
> The body hash is SHA-1 of the body, ignoring empty lines at the end of
> it ("simple" hashing algorithm). Zdkimfilter assumes Unix-style line
> endings and reinserts CR chars at line ends.
>
>> Spamassassin is run through pythonfilter-1.8. I believe pythonfilter
>> might be run first as it is doing greyfiltering.
>
> Does it alter the body?
>
>> Are the added headers from SpamAssassin the culprit?
>
> Nope. The signed header fields are those indicated by the h= tag. In
> this case: to, subject, date, from, reply-to, message-id, mime-version,
> and content-type.
>
>
>
> back later...
Sorry for he interruption.
That was almost it, anyway: it is not possible to say what part,if any,
of the body was altered without having two copies of the message. If
the reason is that SA does, say, some UTF-8 rewriting of some text,
verification would have to be anticipated --the leading 'z' isn't
helpful in this respect.
------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
