opendkim AUTH pass-es for received mail, but fails on forward ...

From: <locuse_at_mm.st>
Date: Tue, 10 Apr 2012 13:46:22 -0700

hi,

i've opendkim 2.5.2 installed on Ubuntu 10LTS/64. it's configured to
work with a Zimbra server.

i've got a use case that's zimbra-related, that manifests in an opendkim
authentication error.

i'd appreciate if someone might take a peek, and comment if this is
likely an opendkim or zimbra issue, and, perhaps, what to look for.

here's what i think is releveant info re: the use case:

i have a zimbra server, "zimbra.locusetest.net"
it hosts two domains, "doma.locusetest.net" and "domb.locusetest.net"
both domains are being opendkim signed; outbound signing passes analysis
by the 'port25' verifier.

i've created an inbound mail zimbra user rule (server-side sieve, iiuc)
for "locuse_at_doma.locusetest.net"

on receipt, that rule does two things:
        (1) keeps a copy of the received msg in the inbox of
        "locuse_at_doma.locusetest.net"
        (2) execs "Forward Mail" of the same received message to
        "locuse_at_domb.locusetest.net"

i send an email to "locuse_at_doma.locusetest.net" from an external
account, NOT on the zimbra server, that happens to be be DKIM signed.

once received and rule-processed, i 'diff' the full/raw messages
(headers & content) for cases (1) & (2).

the full 'diff' result i've pasted here: http://pastebin.com/2kXKYPEv

in the (1)st case, i see a "dkim=pass":

        70 ! Authentication-Results:
        zimbra.locusetest.net/B554D606A2; dkim=pass
                ! (1024-bit key) header.i=_at_fastmail.fm
                header.b=Ezf5+eQD;
                ! dkim-adsp=pass

but in the (2)nd case, i see a "dkim=fail":

        83 + Authentication-Results:
        zimbra.locusetest.net/DD856606A2; dkim=fail
                + (verification failed) header.i=_at_fastmail.fm
                header.b=Ezf5+eQD;
                + dkim-adsp=temperror (missing parameter(s) in
                policy data)

the process of rule-forwarding the message is causing the DKIM Auth
check to fail.

is it opendkim config ( in "policy data"?), zimbra config, screwy
process flow, or something else?

thanks
Received on Tue Apr 10 2012 - 20:46:34 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:39 PST