On Tue, Mar 29, 2011 at 11:07 AM, brandon murphy
<[email protected]> wrote:
> I have tested using outlook express from a windows server in my deve
> environment, using mail on the dkim test box, and using alpine
>
> my DNS records show up on brandoncheckett test as such
>
> Message contains this DKIM Signature:
>
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dkimtest.reyrey.net;
> s=default; t=1301417449;
> bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
> h=To:Subject:Message-Id:Date:From;
>
> b=vHrFZQTBl1DOSfvcx0ir5VORt7PRRPL/InG6+Dsq7YXmr6RESygt3NBstPIZawxVW
> 3CuBZpjCbMSYzyvl0eeJmfNb2kLhDTzx1UWFjI6V8easXqm5UnQNN6WS8ConZFHlQL
> UVVkFPjh420mSp3Lw+X81plpKEta3R5KbjKhJq2E=
With opendkim you can turn on a test mode which encodes all of the
data that was used to sign the email. That would tell us what has
changed from the 5 fields that it signed.
1. To:
2. Subject:
3. Message-Id: ****
4. Date: ****
5. From:
**** Note that if a signature says it signed one of these marked
fields, but your mail client didn't insert it, and the MTA inserts it
_after_ the signature, that will break the signature.
> v= Version: 1
> a= Algorithm: rsa-sha256
> c= Method: relaxed/relaxed
> d= Domain: dkimtest.reyrey.net
> s= Selector: default
> q= Protocol:
>
> bh= g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=
> h= Signed Headers: To:Subject:Message-Id:Date:From
> b= Data:
> vHrFZQTBl1DOSfvcx0ir5VORt7PRRPL/InG6+Dsq7YXmr6RESygt3NBstPIZawxVW
> 3CuBZpjCbMSYzyvl0eeJmfNb2kLhDTzx1UWFjI6V8easXqm5UnQNN6WS8ConZFHlQL
>
> UVVkFPjh420mSp3Lw+X81plpKEta3R5KbjKhJq2E=
If you get a version that will insert debugging entries, then your
signature will look like this:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ivenue.com;
s=test-dk; t=1301411937;
bh=07/Q/EwkrDZO9QBqh0iWjfGS7ouxrqhXySe+7GKiW8g=;
h=Date:Message-Id:From:To:Subject;
z=Date:=20Tue,=2029=20Mar=202011=2008:15:02=20-0700|Message-Id:=20<
[email protected]>|From:=20root@admin
51.ivenue.net=20(Cron=20Daemon)|To:[email protected]|Subject:
=20Cron=20<root@admin51>=20for=20HEADERS=20in=20/tmp/spamSCOMPhead
ers.log=20/tmp/spamDirectHeaders.log=20/tmp/spamIvenueHeaders.log=
20/disk1/tmp/spamHostPattern.log=20/tmp/spamScoredLogfile.log=3B=2
0do=20[=20-s=20$HEADERS=20]=20&&=20/usr/local/sbin/add_bl_list.pl=
20--file=3D$HEADERS=20--logfile=3D/tmp/addBlacklist.log=20&&=20>=2
0$HEADERS=3B=20done=3B=20nice=20/usr/local/sbin/update_bl_zone.pl=
3B=20nice=20/usr/local/sbin/update_wl_zone.pl|X-Cron-Env:=20<MAILT
[email protected]>|X-Cron-Env:=20<SHELL=3D/bin/sh>|X-Cron-En
v:=20<HOME=3D/root>|X-Cron-Env:=20<PATH=3D/usr/bin:/bin>|X-Cron-En
v:=20<LOGNAME=3Droot>|X-Cron-Env:=20<USER=3Droot>|X-Virus-Scanned:
=20clamav-milter=200.97=20at=20lunar.ivenue.com|X-Virus-Status:=20
Clean;
b=HgM0nxsMr65c8xdyGWZ5PV2PETCxcMXdjPmcRroaM9FDIcwXKyJfCa1OV6Favx/Br
Qe81Bg9E8j2K+DtE8NTJQ==
Note the z= setting. It shows exactly what was used to sign the
email. It's enabled in opendkim by adding:
Diagnostics Yes
I am not aware if it was an option in dkim-milter.
--
Regards... Todd
"It is the nature of the human species to reject what is true but
unpleasant and to embrace what is obviously false but comforting."
"You might be a skeptic if you have pedantically argued the topic of pedantry."
------------------------------------------------------------------------------
Enable your software for Intel(R) Active Management Technology to meet the
growing manageability and security demands of your customers. Businesses
are taking advantage of Intel(R) vPro (TM) technology - will your software
be a part of the solution? Download the Intel(R) Manageability Checker
today! http://p.sf.net/sfu/intel-dev2devmar
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
