Murray S. Kucherawy said the following, On 08/29/2008 12:30 PM: > On Thu, 28 Aug 2008, steve ladewig wrote: >> I belong to a couple of mailing lists which are producing things like: >> SSL error:04067069:rsa routines:RSA_EAY_PUBLIC_DECRYPT:pkcs1 padding too >> short; error:04077068:rsa routines:RSA_verify:bad signature >> SSL error:04077068:rsa routines:RSA_verify:bad signature > > "pkcs1 padding too short" generally means the public key matching the > signature on the message is corrupted. This probably has nothing to do > with the fact that it's coming from a mailing list.
So adding additional headers should not effect the signature/body? >> So i created a peerlist file with the CIDR in it and added it to >> dkim-filter.conf. The milter seems to ignore it. > > Right, that's what the peerlist is for. Looks like I now have this setup correctly. > That just means you should trust signatures from specific domains (rather > than ignoring them) if the domain of the signature doesn't match the > domain of the From: header. Also probably not relevant to your case. Scrapped that file and just kept the peerlist. > If you're interested in debugging the problem, have the person who sent > the message which failed try sending you a message directly to see if that > works. I did notice that all the messages that were being rejected came from gmail.com. thanks very much, steve ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
