> On Dec 18, 2018, at 10:02 AM, Laura Atkins <[email protected]> wrote: > > You never published your DKIM key in DNS. > > https://tools.wordtothewise.com/dkim/check/mta5.uits.uconn.edu;/dkim1 > > So the mail is being signed, but the signature is failing because there’s no > public key to use to verify.
No, it's published. You accidentally copied a semicolon with the hostname. But it seems to be missing the leading "M" in p= relative to what's listed below now, which seems to be causing my tools to barf on it, and maybe validators too. Cheers, Steve > > laura > > >> On 17 Dec 2018, at 18:18, Fazzina, Angelo <[email protected]> wrote: >> >> Hi, thank you. >> Here are the headers of the test email I sent. >> I sent it with Thunderbird through mta5 which signed it, and relayed it to >> next hop, and it was delivered. >> >> I think you are saying since I configured the server to both verify and sign >> emails, it won’t bother verifying an email the server itself signed, so I >> won’t ever get a report ? I think I read something like that in the RFC’s ? >> >> >> Sounds like my testing method may be flawed. L >> >> >> Received: from BYASPR01MB1.namprd05.prod.outlook.com (2603:10b6:406:80::38) >> by >> BN7PR05MB5859.namprd05.prod.outlook.com with HTTPS via >> BN7PR06CA0025.NAMPRD06.PROD.OUTLOOK.COM; Fri, 14 Dec 2018 20:50:45 +0000 >> Received: from CO2PR05CA0064.namprd05.prod.outlook.com (2603:10b6:102:2::32) >> by BYASPR01MB1.namprd05.prod.outlook.com (2603:10b6:a02:ce::33) with >> Microsoft SMTP Server (version=TLS1_2, >> cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1446.9; Fri, 14 Dec >> 2018 20:50:44 +0000 >> Received: from SN1NAM01FT045.eop-nam01.prod.protection.outlook.com >> (2a01:111:f400:7e40::209) by CO2PR05CA0064.outlook.office365.com >> (2603:10b6:102:2::32) with Microsoft SMTP Server (version=TLS1_2, >> cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1446.10 via Frontend >> Transport; Fri, 14 Dec 2018 20:50:43 +0000 >> Authentication-Results: spf=none (sender IP is 137.99.25.249) >> smtp.mailfrom=appmail.uconn.edu; uconn.mail.onmicrosoft.com; dkim=fail >> (invalid public key) header.d=mta5.uits.uconn.edu;uconn.mail.onmicrosoft.com; >> dmarc=none action=none header.from=appmail.uconn.edu;compauth=pass reason=105 >> Received-SPF: None (protection.outlook.com: appmail.uconn.edu does not >> designate permitted sender hosts) >> Received: from mta5.uits.uconn.edu (137.99.25.249) by >> SN1NAM01FT045.mail.protection.outlook.com (10.152.65.226) with Microsoft SMTP >> Server id 15.20.1446.11 via Frontend Transport; Fri, 14 Dec 2018 20:50:43 >> +0000 >> Received: from [137.99.80.129] (angelo.uits.uconn.edu [137.99.80.129]) >> by mta5.uits.uconn.edu (Postfix) with ESMTP id 088EA3000A2C >> for <[email protected]>; Fri, 14 Dec 2018 15:50:43 >> -0500 (EST) >> DKIM-Filter: OpenDKIM Filter v2.11.0 mta5.uits.uconn.edu 088EA3000A2C >> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mta5.uits.uconn.edu; >> s=dkim1; t=1544820643; r=y; >> bh=9ZoLOUiYT9ubu7ykLiU305ZLqHeoTNV83po4QgGRepU=; >> h=To:From:Subject:Date:From; >> >> b=uPOMfVq7Ilr0/e2GEwEIiRotuX1gacod2Tmk7c1lfcYUpNTUznjUXPyNidTlbhrLA >> >> ylDHc1xE1P/B1NBo0awxBN4Qbwjz8UWUC1vQpQsrenWnhr+Rp46g7KKqWWZ2Sjw0O0 >> 0RV2EF9aD1UP5bd7qLtuQHQ9gye5cVCBv6uVdM7g= >> To: [email protected] >> From: "Fazzina, Angelo" <[email protected]> >> Subject: broken test number 2 >> Message-ID: <[email protected]> >> Date: Fri, 14 Dec 2018 15:50:42 -0500 >> User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 >> Thunderbird/60.3.3 >> MIME-Version: 1.0 >> Content-Type: text/plain; charset="utf-8"; format=flowed >> Content-Transfer-Encoding: 7bit >> Content-Language: en-US >> Return-Path: [email protected] >> >> -ANGELO FAZZINA >> >> ITS Service Manager: >> Spam and Virus Prevention >> Mass Mailing >> G Suite/Gmail >> >> [email protected] >> University of Connecticut, ITS, SSG, Server Systems >> 860-486-9075 >> >> From: Murray S. Kucherawy <[email protected]> >> Sent: Monday, December 17, 2018 12:03 PM >> To: Fazzina, Angelo <[email protected]> >> Cc: [email protected] >> Subject: Re: [Ietf-dkim] Looking for a little help testing DKIM failure >> reports, thank you. >> >> DKIM verifiers are not required to generate reports. It's completely >> optional. Does the place you're sending to advertise somehow that they will >> be generated? >> >> On Mon, Dec 17, 2018 at 8:36 AM Fazzina, Angelo <[email protected]> >> wrote: >> Hi, I am trying to test my TXT records for the ability to report failures. >> Talking about RFC 6651 >> >> These are my records >> >> dkim1._domainkey.mta5.uits.uconn.edu text = "v=DKIM1\; k=rsa\; >> p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/YIuJIABa9M7Ox5AXs6CP6z26d/i9JDrHW58YU/OzfsEr6yADboIOydCaiiVaNuwtkbx >> catzd6/iutxWbAiY51rRAvVdBs2YIoGO6Glzeev66ft8IfMnHgxND438KIsdOjUmJZuglFJUWGzCYDSC1eq/zqDVncFwTxWkKW/qtxQIDAQAB" >> >> _report._domainkey.mta5.uits.uconn.edu text = "ra=dkim-errors\; rp=100\; >> rr=all" >> >> >> Here is a test email sig header >> v=1; a=rsa-sha256; c=relaxed/simple; d=mta5.uits.uconn.edu; s=dkim1; >> t=1544820643; r=y; bh=9ZoLOUiYT9ubu7ykLiU305ZLqHeoTNV83po4QgGRepU=; >> h=To:From:Subject:Date:From; >> b=uPOMfVq7Ilr0/e2GEwEIiRotuX1gacod2Tmk7c1lfcYUpNTUznjUXPyNidTlbhrLA >> ylDHc1xE1P/B1NBo0awxBN4Qbwjz8UWUC1vQpQsrenWnhr+Rp46g7KKqWWZ2Sjw0O0 >> 0RV2EF9aD1UP5bd7qLtuQHQ9gye5cVCBv6uVdM7g= >> >> Here is a test email result header >> spf=none (sender IP is 137.99.25.249) >> smtp.mailfrom=appmail.uconn.edu;uconn.mail.onmicrosoft.com; dkim=fail >> (invalid public key) >> header.d=mta5.uits.uconn.edu;uconn.mail.onmicrosoft.com; dmarc=none >> action=none header.from=appmail.uconn.edu;compauth=pass reason=105 >> >> >> So I can simulate a failure, but cannot seem to get a report emailed to >> [email protected] ? >> >> I made sure account exists on server: >> [root@mta5 home]# ls -l /home/|grep dkim >> drwx------. 2 dkim-errors dkim-errors 78 Dec 10 16:21 >> dkim-errors >> >> >> >> How often are the failure reports generated ? did not see that mentioned in >> the RFC’s ? >> >> Does anyone see anything obvious that I am doing wrong ? >> Thank you. >> >> >> -ANGELO FAZZINA >> >> ITS Service Manager: >> Spam and Virus Prevention >> Mass Mailing >> G Suite/Gmail >> >> [email protected] >> University of Connecticut, ITS, SSG, Server Systems >> 860-486-9075 >> >> _______________________________________________ >> Ietf-dkim mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/ietf-dkim >> _______________________________________________ >> Ietf-dkim mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/ietf-dkim > > -- > Having an Email Crisis? We can help! 800 823-9674 > > Laura Atkins > Word to the Wise > [email protected] > (650) 437-0741 > > Email Delivery Blog: https://wordtothewise.com/blog > > > > > > > > _______________________________________________ > Ietf-dkim mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ietf-dkim _______________________________________________ Ietf-dkim mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-dkim
