RE: opendkim verify, but signed email has a hardfail. Fwd: [Fwd: Auto-response from dk.elandsys.com]

From: Josef Karliak <karliak_at_ajetaci.cz>
Date: Wed, 09 Nov 2011 08:26:32 +0100

   Huh, antispam/antivir server add some records to the mail's header, like:
   Received: by antivir2.fnhk.cz (Postfix, from userid 8)
         id 5625628308; Wed, 9 Nov 2011 07:58:14 +0100 (CET)
X-Spam-FNHK: NO
X-Spam-Status: No, version=123456789
X-Spam-Checker-Version: Antispam
Received: from antivir2.fnhk.cz (localhost [127.0.0.1])
         by vbms.DUMMY (Postfix) with SMTP id 2F711282A0
         for <autorespond+dkim_at_dk.elandsys.com>; Wed, 9 Nov 2011
07:58:14 +0100 (CET)
Received: from kostnew.fnhk.cz (intr.fnhk.cz [195.113.123.99])
         by antivir2.fnhk.cz (Postfix) with ESMTP id 0DC89282A0
         for <autorespond+dkim_at_dk.elandsys.com>; Wed, 9 Nov 2011
07:58:14 +0100 (CET)
X-DKIM: Sendmail DKIM Filter v2.7.2 antivir2.fnhk.cz 0DC89282A0
Authentication-Results: antivir2.fnhk.cz; dkim=hardfail
         (verification failed) header.i=_at_fnhk.cz; dkim-adsp=fail
X-DomainKeys: Sendmail DomainKeys Filter v1.0.2 antivir2.fnhk.cz 0DC89282A0
Authentication-Results: antivir2.fnhk.cz; domainkeys=fail (no
signature) header.from=karliak_at_fnhk.cz

   Could be it ? So it is able to sign only body ? Or what do you recommend ?
   Thank you very much
   J.K.

Cituji "Murray S. Kucherawy" <msk_at_cloudmark.com>:

>> -----Original Message-----
>> From: opendkim-users-bounce_at_lists.opendkim.org
>> [mailto:opendkim-users-bounce_at_lists.opendkim.org] On Behalf Of
>> Josef Karliak
>> Sent: Tuesday, November 08, 2011 11:08 PM
>> To: SM
>> Cc: opendkim-users_at_lists.opendkim.org
>> Subject: Re: opendkim verify, but signed email has a hardfail. Fwd:
>> [Fwd: Auto-response from dk.elandsys.com]
>>
>> Hi,
>> I forward the results of the test. I had to forward it as a
>> attachment.
>> But you're right, signing is on the one server, then it is mail sent
>> to another, that make antivir/antispam check (postfix with Virusbuster
>> and with spamassasisn), then is email sent to our another pop3/imap
>> server or to the server to the internet by MX record...Could be it ?
>
> If there is any change at all to the signed parts of the message
> after it hits the antivirus/antispam server, that'll break the
> signature. So yes, I'd look there.
>
>
>



-- 
Ma domena pouziva zabezpeceni a kontrolu SPF (www.openspf.org) a  
DomainKeys/DKIM (with ADSP) . Pokud mate problemy s dorucenim emailu,  
zacnete pouzivat metody overeni puvody emailu zminene vyse. Dekuji.
My domain use SPF (www.openspf.org) and DomainKeys/DKIM (with ADSP)  
policy and check. If you've problem with sending emails to me, start  
using email origin methods mentioned above. Thank you.
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.




Received on Wed Nov 09 2011 - 07:26:40 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:21 PST