On Tue, 29 Jan 2013, Vinubalaji Gopal wrote:
> I am trying to run a message through opendkim-testmsg and opendkim with
> the -t option for message verification. I see that the message
> verification succeeds with the opendkim binary but fails when I use
> opendkim-testmsg.
>
> #bash# opendkim-testmsg < /tmp/dkim-test/test-msg.eml
> opendkim-testmsg: dkim_eom(): Bad signature
>
> #bash# opendkim -t /tmp/dkim-test/test-msg.eml
> opendkim: /tmp/dkim-test/test-msg.eml: verification (s=20110426, d=mx.aol.com, 1024-bit key) succeeded
>
> I can send the whole message if that helps. I am pasting the dkim
> related headers here:
>
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mx.aol.com;
> s=20110426; t=1333805525;
> bh=sUtXOD9kIbE9nFaZcq4nK6eMpPFsGcRZMAIvEF18eO0=;
> h=From:Subject:Date:MIME-Version:Content-Type;
> b=YVcndekXGr77RDqorbjg8qeGZALqZAWRkp8en5fZMAuY6Uhqg/wybgffrjqa3KnnB
> aQm/T52Rzt7YSENG3ykhsmW7xQOaT509JKXEYI/eopty7h9mrDugTYqaUf6uL+VQg+
> PC1dIYXzLdzfT8yd9TgelSdLG8T+8+3yIHVVU9Us=DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mx.aol.com;
> s=20110426; t=1333805525;
> bh=sUtXOD9kIbE9nFaZcq4nK6eMpPFsGcRZMAIvEF18eO0=;
> h=From:Subject:Date:MIME-Version:Content-Type;
> b=YVcndekXGr77RDqorbjg8qeGZALqZAWRkp8en5fZMAuY6Uhqg/wybgffrjqa3KnnB
> aQm/T52Rzt7YSENG3ykhsmW7xQOaT509JKXEYI/eopty7h9mrDugTYqaUf6uL+VQg+
> PC1dIYXzLdzfT8yd9TgelSdLG8T+8+3yIHVVU9Us=^M
>
> I found out the difference in the result was due to the extra ^M which
> is due to the difference in the file format. Doing a dos2unix on the
> file fixes opendkim-testmsg to work properly. My question is what does
> opendkim.c do that makes it handle cases like these carriage returns? Is
> there any option in ilbopendkim/opendkim-testmsg to do the same?
I can't reproduce this with just a simple test message. The file "gmail"
below is signed by gmail.com with a valid signature:
medusa[13248]% ls -l gmail
-rw------- 1 msk users 2301 Jan 28 17:48 gmail
medusa[13249]% opendkim/opendkim-testmsg < gmail
medusa[13250]% unix2dos gmail
medusa[13251]% ls -l gmail
-rw------- 1 msk users 2345 Jan 28 17:49 gmail
medusa[13252]% opendkim/opendkim-testmsg < gmail
medusa[13253]%
If you built with --with-unbound, you might be experiencing a bug that's
fixed in 2.8.0. Try the attached patch if that's the case. If not,
please gzip/bzip2 your sample message and send it either to the list or to
me directly for testing.
-MSK
- TEXT/PLAIN attachment: PATCH
Received on Tue Jan 29 2013 - 01:52:08 PST