On 13 Feb 2008 at 7:39, Murray S. Kucherawy wrote:
> On Wed, 13 Feb 2008, System Support wrote:
> > After recreating the keys, I had one successful test. I then added an
> > [EMAIL PROTECTED]; option to the DNS record as suggested on the man page.
> > and the test again stated failing with an indication that it could not
> > find the DNS key. I restored the previous DNS file ( and updated the
> > serial number ), but although the DNS record can now be found, I am back
> > to the original error --
> >
> > Authentication-Results: ns1.qubic.net; dkim=hardfail (verification
> > failed) [EMAIL PROTECTED]
> >
> > This time, however, the dkim-testkey utility does not report any
> > problems. I have reviewed everything and can not seem to figure out
> > what is the problem.
>
> I looked at the text record you were using and it looks fine now, although
> obviously I can't decode the key record visually to verify it wasn't
> damaged during editing. Hard to say. You might want to try with fresh
> keys again.
I did recreate the keys (several times) and I used new selectors to
make sure that I was not getting a old value from some DNS cache.
headers below:
--- start headers
Return-path: <[EMAIL PROTECTED]>
Received: from mail.MicroTechniques.com (microtechniques.com
[72.80.152.51])
by altn.com (c3po.altn.com)
(MDaemon PRO v9.6.4)
with ESMTP id md50002713190.msg
for <[EMAIL PROTECTED]>; Wed, 13 Feb 2008 12:14:33 -0600
Authentication-Results: c3po.altn.com
spf=pass [EMAIL PROTECTED];
sender-id=pass [EMAIL PROTECTED];
x-ip-ptr=pass dns.ptr=microtechniques.com (ip=72.80.152.51);
x-ip-helo=pass smtp.helo=mail.MicroTechniques.com
(ip=72.80.152.51);
x-ip-mail=pass [EMAIL PROTECTED]
(ip=72.80.152.51);
dkim=neutral header.d=MicroTechniques.com (1:-
3:DKIM_SIGNATURE_BAD);
Received-SPF: pass (c3po.altn.com: domain of [EMAIL PROTECTED]
designates 72.80.152.51 as permitted sender)
x-spf-client=MDaemon.PRO.v9.6.4
receiver=c3po.altn.com
client-ip=72.80.152.51
envelope-from=<[EMAIL PROTECTED]>
helo=mail.MicroTechniques.com
X-Spam-Level: ***
X-Spam-Status: No, score=3.50 required=4.4
X-Spam-Report:
* 1.0 NO_REAL_NAME From: does not include a real name
* 0.8 UNDISC_RECIPS Valid-looking To "undisclosed-recipients"
* 1.6 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
* [score: 0.4986]
X-Spam-Processed: c3po.altn.com, Wed, 13 Feb 2008 12:14:33 -0600
(processed during SMTP session)
X-MDOP-RefID: str=0001.0A090206.47B33385.0049,ss=1,fgs=0 (_st=1 _vt=0
_iwf=0)
X-MDPtrLookup-Result: pass dns.ptr=microtechniques.com
(ip=72.80.152.51) (c3po.altn.com)
X-MDHeloLookup-Result: pass smtp.helo=mail.MicroTechniques.com
(ip=72.80.152.51) (c3po.altn.com)
X-MDMailLookup-Result: pass [EMAIL PROTECTED]
(ip=72.80.152.51) (c3po.altn.com)
X-MDDK-Result: neutral (c3po.altn.com)
X-MDDKIM-Result: neutral (c3po.altn.com)
X-MDSPF-Result: unapproved (c3po.altn.com)
X-MDCanon-File: canon-50000195463.txt
X-Rcpt-To: [EMAIL PROTECTED]
X-MDRcpt-To: [EMAIL PROTECTED]
X-MDRemoteIP: 72.80.152.51
X-Return-Path: [EMAIL PROTECTED]
X-Envelope-From: [EMAIL PROTECTED]
X-MDaemon-Deliver-To: [EMAIL PROTECTED]
Received: from 127.0.0.1 (localhost [127.0.0.1])
by mail.MicroTechniques.com (Falcon mail server) with SMTP id
71D5CB1934
for <[EMAIL PROTECTED]>; Wed, 13 Feb 2008 13:14:18 -0500 (EST)
Received: by mail.MicroTechniques.com (Falcon mail server, from userid
0)
id 77540B191D; Wed, 13 Feb 2008 13:14:16 -0500 (EST)
X-DKIM: Sendmail DKIM Filter v2.4.4 mail.MicroTechniques.com 77540B191D
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=MicroTechniques.com;
s=test1; t=1202926457;
bh=mlhCGKJfE6BDKg/Eh8xpezaay4hqOicWTmVxIIgS3
jg=; h=subject:from:Message-Id:Date:To; z=subject:=20dkim-
milter=20
test|from:[EMAIL PROTECTED]|Message-
Id:=20<20080213181
[EMAIL PROTECTED]>|Date:=20Wed,=2013=20Feb=20
2008=2013:14:17=20-0500=20(EST)|To:=20undisclosed-recipients:=3B;
b=elpHwEyk2lKLb6FLZBaRMEuhPLrt5iDIbIA9F2aZxrI5VuzwE6nG2ySu14CNoar//
lb3AwkfnjVB8NaKyz5vkzW1WUCYruK9EUjBKTGBiH5HpBTyyPMMV3qYpqrAR7LKIPlf
rRYJp7xOYIGSlAi6+dVHBMRqPVrIAk1nuR9Czm8=
Subject: dkim-milter test
from: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
Date: Wed, 13 Feb 2008 13:14:17 -0500 (EST)
To: undisclosed-recipients:;
X-MDAV-Processed: c3po.altn.com, Wed, 13 Feb 2008 12:14:34 -0600
--- end headers ---
>
> > if I try to send mail from another machine on the network using a mail
> > client I get the following in the logs:
> >
> > external host <host> attempted to send as MicroTechniques.com
> > bad sidnature data
> >
> > and no header gets added. I tried including the local subnet in the
> > InternalHosts file, but that did not seem to help.
>
> Did you restart the filter after editing the configuration file?
>
> The client sending through it isn't in the InternalHosts file but is
> trying to send mail as one of your signing domains.
>
> Check out the ExternalIgnoreList option. That won't get it signing (you
> need InternalHosts for that) but it will eliminate the warning if that's
> what you want.
I had used the ip address in the file, It worked with the FQDN.
However, then locally generated mail stopped being signed because
adding the file surpressed the default 127.0.0.1. If this is the way
that it is going to work, then the default should be supplied in a
default file, not internally in the code, so that it is more obvious
what is happening.
>
> See the OPERATIONS section of the man page to learn what makes the filter
> decide to sign vs. verify.
Which man page would that be? 'man dkim-filter' does not find anything
on my system.
..don
support (at) microtechniques.com
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
