Re: OpenDKIM 2.11.0 Alpha release available

From: A. Schulze <sca_at_andreasschulze.de>
Date: Sat, 24 Oct 2015 12:46:40 +0200

Murray S. Kucherawy:

> The major thing in this version is an experimental implementation of
> the conditional signatures proposal.

I now found a configuration where OpenDKIM generate a v=2 signature.

opendkim-2.11.0.conf:
     ConditionalSignatures file:/path/to/conditional_table

conditional_table:
     sender.domain:destination.domain x

_at_Murray: Is this the intended way to configure conditional signatures?

Now sending from sender_at_sender.domain to receiver_at_destination.domain generate
two sigs:
DKIM-Signature: v=2; a=rsa-sha256; c=relaxed/relaxed; d=sender.domain;
         s=test; t=1445682748; !cd=destination.domain;
         bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; l=0;
         h=Date:From:To:Subject;
         b=mZrmkkaantOLkCWUoBJngRTmFUCOjL60IwSXwKEisotLRDSrzon4eufv6NTHFD2at
         3bCIQUgszjDzkDnZyNWnQ4QEMllw2ZBBLEtDhdBonMZM+ZhQ5hIvqb45wgB0opryvQ
         M4OFr83U+tPlpfCwEZeSg+Dhq+Fp6Q7kdRcUhGBh8y/IOaZWUk7nbhCdvqokaZfBZZ
         J44dm3wxenNU9kExJeHjGq3WlU+arpC8oZiio6Hof7I38tpVBLY6WfuOfdN8LJ9WUK
         TfOX4Pwt6DBjVOjwU5XXQFauxaKLM4AQalO30F1TTWnLPYEyZ6B9HSuf3XTkwIyrYA
         HjRbvuFBlhing==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sender.domain;
         s=test; t=1445682748;
         bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
         h=Date:From:To:Subject;
         b=ElY3LmjS1yFDYy0ktgXYZVQqCCXBG73qTlYLhfZXwwzyR13ycC4V0cMyprv6G0QM4
         D9XOx74t7qnc9LPUGc4Rn1LX/XAYgC39Ykzj9Qp1cvgEHMVz/qtOvrevWKidrd48Q6
         52RdiJybvgUXfKkP12+nGHoUbdeBnpOna374bqnZjJkFoWu3ccSUx5q476jyx4ZcYr
         fbJy0L8+MqBX/XVnjOK4Fq/klbEIa3mOvALMhaRmG0Ly8BSZc9RSr0vwc1sL4OlL0N
         ANU1YREemwrw7Y4I5Vybo+KFP/B86lL3amoVWf6S/2TnY/dMnLB8V7HvC4p3rHxk+l
         vV+OnFhE2ax2Q==

But the 'classic' opendkim _at_destination.domain fail to validate:

Oct 24 12:32:28 destination opendkim[29449]: 3njdzJ4ZYgz7tBQ: syntax
error: syntax error in signature data (ASCII 0x21 at offset 99)

It may be possible that this is a consequence of the ignorance that
test155 fail.
I disabled "make check" to build opendkim-2.11.0.alpha0 ...

Andreas
Received on Sat Oct 24 2015 - 10:46:52 PST