> I changed to use 1024 bit RSA key, and seems the email passed DKIM > validation. Seems that my perl installation at iwtek.net somehow cannot > validate 2048 bit RSA DKIM signatures. Does anyone have some clue?
That is possible too, the DNS packet is probably larger than 512 bytes, and perhaps your DNS resolver does not fallback to TCP or EDNS0, or you have TCP on port 53 blocked at a firewall. Mark Turns out the problem is here is the classic problem of "I got a old (or broken?) system". I tried to use Mail::DKIM library directly to debug the problem, and got this error message when a email with RSA 2048 bit signature is fed into. verify result: invalid (public key: Bad arg length for Socket::unpack_sockaddr_in, length is 4095, should be 16 at /usr/local/lib/perl5/5.8.6/i686-linux/Socket.pm line 370, <STDIN> line 41.) Feeding a email with RSA 1024 bit signature doesn't have any problem. -- View this message in context: http://old.nabble.com/the-dkim-sigature-is-valid%2C-but-still-triggered-T_DKIM_INVALID-in-mail-server-tp28178215p28186154.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
