Re: [dmarc-discuss] Strange behaviour with Google calendar notifications

2016-12-07 Thread Denis Salicetti via dmarc-discuss 
Hi Guys,
the problem with the 2048-bit DKIM key has been resolved. Now I can see it
valid and Google calendar notifications have been resolved as well.

Thank you very much.

*Denis Salicetti* 

Avviso di riservatezza  | Inviami messaggi protetti


2016-12-06 22:01 GMT+01:00 Sim via dmarc-discuss :

> Hi Denis,
>
> Am 06.12.2016 um 20:58 schrieb Denis Salicetti via dmarc-discuss:
> >
> > I tried to verify if all the DNS records of my domain (SPF, DKIM and
> > DMARC) were good and I found out that the 2048-bit DKIM key was no
> > longer valid. This is strange because it was good so far, so I decided
> > to contact my DNS provider.
> That's odd. [Protodave's
> keychecker](https://protodave.com/tools/dkim-key-checker/?
> selector=google=galeati.it)
> is still showing the string 'CEji' while I cannot find it in here.
>
> $ dig +short google._domainkey.galeati.it txt @ns1.acantho.net|grep CEji
> $ dig +short google._domainkey.galeati.it txt @ns3.acantho.net|grep CEji
>
> It is a valid pubkey without the 'i':
> -BEGIN PUBLIC KEY-
> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkx5rG60SwrFaFctJVHSF
> JRxylWDdjj3KMo8uDLoVn1CEjB5FbeJKE1I0huUA3m5GLaTyXEr8d61G9kTiQUpr
> uCCyKm83dIPv1gerCNivnBs0keWTBt8oaQzXEkxfFN9IFvS1/okcSOz5GwqKHsFZ
> BKSQE+VPpXcMwsgY5ECKlByKjE9LEi2jxud1R5p8GFCUHHYICGOvNwOk0K0eCC7v
> K6rNWxuP86nuYWSYaKTJIfZgCp7FanUg3DuyTSOiN9vwfUceexEk3H2Zn242/pi2
> HYozvTLY7Gw2MtQ7YVNvmfivbc1p2hwrbLnZkW3mKvBDofo08K76US66c2qyVn4z
> cQIDAQAB
> -END PUBLIC KEY-
>
> I guess caching is playing tricks and you fixed it already?
>
> Simon
> ___
> dmarc-discuss mailing list
> dmarc-discuss@dmarc.org
> http://www.dmarc.org/mailman/listinfo/dmarc-discuss
>
> NOTE: Participating in this list means you agree to the DMARC Note Well
> terms (http://www.dmarc.org/note_well.html)
>
___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)

[dmarc-discuss] Lessons learned from ADSP

2016-12-07 Thread Julian Hansmann via dmarc-discuss 
Hi there!

In 2013 the status of RFC 5617 "DomainKeys Identified Mail (DKIM) Author Domain 
Signing Practices (ADSP)" was changed to 'historic'. The reasons given included:
* ' ADSP has garnered almost no deployment and use in the 4 years since its 
advancement to IETF Proposed Standard.'
* ' There have, for example, been real cases where a high-value domain 
published an ADSP record of "discardable", but allowed users on their domain to 
subscribe to mailing lists.  When posts from those users were sent to other 
domains that checked ADSP, those subscriber domains rejected the messages, 
resulting in forced unsubscribes from mailman (due to bounces) for the 
unsuspecting subscribers.'

Since DMARC is basically ADSP on steroids and more complicated I have the 
following -serious- questions:

* Is there any information available why ADSP has seen so little adoption? How 
is this issue addressed with DMARC?
* Since the mailing lists issue also applies to DMARC and actually became part 
of the reason ADSP was dumped (see above) how did you make sure the same thing 
won't happen to DMARC?

Kind regards,
Julian Hansmann

___
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms 
(http://www.dmarc.org/note_well.html)