https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5890
Justin Mason <[EMAIL PROTECTED]> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
--- Comment #3 from Justin Mason <[EMAIL PROTECTED]> 2008-04-21 04:53:41 PST
---
yeah, you're dead right -- upgrading Mail::DKIM to CPAN's latest version now
gives me:
[20631] dbg: dkim: performing public key lookup and signature verification
[20631] dbg: dkim: signing identity: [EMAIL PROTECTED], d=paypal.com,
a=rsa-sha1, c=nofws
[20631] dbg: dkim: signature verification result: PASS
[20631] dbg: dkim: policy: performing lookup
[20631] dbg: dkim: policy result neutral: o=~
[20631] dbg: spf: def_whitelist_from_spf: [EMAIL PROTECTED] is in
DEF_WHITELIST_FROM_SPF and passed SPF check
[20631] dbg: rules: ran eval rule USER_IN_DEF_SPF_WL ======> got hit (1)
[20631] dbg: rules: ran eval rule DKIM_VERIFIED ======> got hit (1)
[20631] dbg: rules: ran eval rule DKIM_SIGNED ======> got hit (1)
nice.
unfortunately the version of Mail::DKIM I was using was the default version
distributed with Ubuntu gutsy. c'est la vie I guess :( here's the package
details:
: jm 713...; dpkg -s libmail-dkim-perl
Package: libmail-dkim-perl
Status: install ok installed
Priority: optional
Section: perl
Installed-Size: 304
Maintainer: Ubuntu MOTU Developers <[EMAIL PROTECTED]>
Architecture: all
Version: 0.26-2
Depends: perl (>= 5.6.0-16), liberror-perl, libdigest-sha1-perl,
libdigest-sha-perl, libmailtools-perl, libnet-dns-perl,
libcrypt-openssl-rsa-perl (>= 0.22)
Description: cryptographically identify the sender of email - perl library
RFC 4871, DomainKeys Identified Mail (DKIM), defines a domain-level
authentication framework for email using public-key cryptography and
key server technology to permit verification of the source and
contents of messages by either Mail Transport Agents (MTAs) or Mail
User Agents (MUAs).
.
This is a Perl implementation created by Jason Long of Messiah
College. It performs signing as well as signature verification. It
also supports the older DomainKeys standard.
.
Homepage: http://jason.long.name/dkimproxy/
Original-Maintainer: Magnus Holmgren <[EMAIL PROTECTED]>
we may need to document this, IMO. looks like the fix was added in 0.27:
http://search.cpan.org/src/JASLONG/Mail-DKIM-0.30.1/Changes
rsion 0.27 - released 2007-07-25
* Sender signing policies are now better implemented
* Both Yahoo! DomainKeys signing policies and the under-development
IETF DKIM signing policies are supported
* Yahoo! DomainKeys policies can protect the Sender: header
* DKIM signing policies can protect the From: header
Look at Mail::DKIM::Verifier's fetch_author_policy() and
fetch_sender_policy() methods for hints.
how's about we make that the new required baseline version?
--
Configure bugmail:
https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
