Hi all I am trying desperately to have my DKIM signatures accepted by Yahoo! and Gmail. Strangely, if I send a message via any given email client like Thunderbird or Squirrelmail, I have no problem whatsoever. But I need to send a large amount of Newsletters - the reason why it is paramount that they get signed with DKIM, so that we don't land in some provider's spam folder. The newsletter program we use is OpenEMM. Since OpenEMM doesn't support either DKIM or DomainKeys, I wrote a perl script that creates a watch with inotify on OpenEMM's mail queue and sends them via Mail::Sender and SMTP to exactly the same sendmail process that signs other mails correctly. It doesn't work with those mails, though. They are signed but Gmail shows a "hardfail" and Yahoo says "bad sig". What's odd: I was able to get Yahoo and Gmail to accept the signature with an email whose headers I'd previously significantly shortened. I took the following control file:
T1263300415 S<[email protected]> R<[email protected]> H?P?Return-Path: <[email protected]> HReceived: by mail.company.com for <[email protected]>; Tue, 12 Jan 2010 12:46:55 GMT HMessage-ID: <[email protected]> HDate: Tue, 12 Jan 2010 12:46:55 GMT HFrom: Company Inc. <[email protected]> HReply-To: Reply Company Inc. <[email protected]> HTo: <[email protected]> HSubject: domainkeys test 13.46 HX-Mailer: OpenEMM V6.0.1 HMIME-Version: 1.0 HContent-Type: text/plain; charset="UTF-8" HContent-Transfer-Encoding: quoted-printable . and changed it like that: T1263300415 S<[email protected]> R<[email protected]> H?P?Return-Path: <[email protected]> HMessage-ID: <open...@invalid> HDate: Tue, 12 Jan 2010 11:39:55 GMT HFrom: Company <[email protected]> HReply-To: Company <[email protected]> HTo: <[email protected]> HSubject: 11.51 HX-Mailer: OpenEMM HMIME-Version: 1.0 HContent-Type: text/plain; charset="UTF-8" HContent-Transfer-Encoding: quoted-printable . The second version's signature is accepted by Yahoo and Gmail. Note that I process the headers, and parse out the sendmail-specific stuff (like the 'H' preceding the header lines. The headers that I feed to the perl sender are correct, so that shouldn't be the problem. The second version is slightly longer but it beats me how that should make a difference as there is no way to ensure that the complete length of the headers doesn't exceed a certain size. If anyone could so much as point me in the right direction, that would be great as I've been working on this for quite a long time and my boss is beginning to expect some results. ;-) Thanks in advance! Sven-Thorsten Fahrbach ------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
