Alexey Loukianov wrote:
> Здравствуйте, Alexey.
>
> The answer to my question concerning CLI utility to test DK in a
> message, as it always happens, were near.
>
> # rpm -ql libdomainkeys-toaster
> /usr/bin/dknewkey
> /usr/bin/dktest
> /usr/include/dktrace.h
> /usr/include/domainkeys.h
> /usr/lib/libdomainkeys.a
> /usr/share/doc/libdomainkeys-toaster-0.68
> /usr/share/doc/libdomainkeys-toaster-0.68/CHANGES
> /usr/share/doc/libdomainkeys-toaster-0.68/README
> /usr/share/doc/libdomainkeys-toaster-0.68/dknewkey.html
> /usr/share/doc/libdomainkeys-toaster-0.68/dktest.html
> /usr/share/doc/libdomainkeys-toaster-0.68/softwarelicense1-1.html
>
> Gotcha! There is something called dktest.
> # elinks /usr/share/doc/libdomainkeys-toaster-0.68/dktest.html
>
> Yeah, it is just what I was looking for. Let me feed it with a message
> in question:
>
> # cat 00000525.MSG | dktest -v
> Comment: DomainKeys? See http://domainkeys.sourceforge.net/
> DomainKey-Status: good
>
> Hmm. That's it. DK signature on message is intact. Even more - it stayed
> correct in spite of the fact that message was slightly modified by
> SpamAssassin on transit server. The conclusion is that there is a BUG in
> qmail-dk, and it does something wrong when checking mail.
> So I recommend all users of qmail-toaster to turn off domainkeys
> checking code as following:
> # cd /var/qmail/bin
> # rm -f qmail-queue; ln -s qmail-queue.orig qmail-queue
>
> I'll try to investigate the cause of this bug ASAP, as we run here a
> bunch on production-level mail servers, and I need correctly
> functioning SMTPd server with DK-checking enabled badly, and it'd
> be too costly for us to migrate to another MTA :-(.
>
Thank you very much for looking into this too. I've always suspected that
there was a problem with qmail-dk.
FWIW, I've simply removed all DK variables except DKSIGN from my tcp.smtp,
and regenerated cdb. That seems to have fix the problem I was having, but
from what you've said perhaps not. I'm not running a separate proxy-type
setup though, so maybe there is more than one bug. We used to say that the
number of bugs that exist is proportional to the number already found. ;)
I'll be less in touch for the next couple weeks, but will be eager to see
what progress you make.
Thanks again.
--
-Eric 'shubes'
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
