Re: The signatures in the mail header and my installed keys don't match. (fwd) from Mike McKoy on 2015-05-19 (OpenDKIM Users mailing list)

From: Mike McKoy <mikemckoy_at_gmail.com>
Date: Tue, 19 May 2015 19:07:58 -0400

thank you for moving this. How should I start troubleshooting? I have no
idea where to start

--
Mike McKoy
*404.590.7176*
http://MyForeverHair.com
http://www.MyModelTalk.com
http://InCrowdUSA.net
http://www.google.com/profiles/mikemckoy
On Tue, May 19, 2015 at 6:38 PM, Murray S. Kucherawy <msk_at_blackops.org>
wrote:
> [moving from opendkim-dev]
>
>
> ---------- Forwarded message ----------
> Date: Tue, 19 May 2015 13:55:55 -0700 (PDT)
> From: Murray S. Kucherawy <msk_at_blackops.org>
> To: Mike McKoy <mikemckoy_at_gmail.com>
> Cc: opendkim-dev_at_lists.opendkim.org
> Subject: Re: The signatures in the mail header and my installed keys don't
>     match.
>
> On Tue, 19 May 2015, Mike McKoy wrote:
>
>> So I've installed OPENDKIM and want to get it working before I setup NAMED
>> on this server. Currently Godaddy is handling my DNS. DKIM is signing
>> messages but it seems to be using the wrong key. I don't know how it is
>> doing this because I checked the keys in /etc/opendkim/keys and they don't
>> resemble the one I see in the header. Looking in maillogs there are no
>> errors when signing.
>>
>> Here is a copy of of my key:
>> "v=DKIM1; k=rsa; "
>>
>> "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCn9CWknWP9Og0wVt4xoDsBLJHfatuP/6GTSR2+VE4w7bIgF1E5SPlJp2qEu87NnkNSFttfsl4K6YZKyaZUt/ZlrEXllz+IG+wxfQfKWh
>> azIqVcG5p31Rr54yBTpoTjVLRmoJ1tXdrr0O6NnGb9FyoWPqKi3CkSya2V5PI8DcgSwIDAQAB"
>>
>
> That's a public key (specifically, the base64 encoding of your RSA public
> key).
>
>  DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=mymodeltalk.com;
>> s=default; t=1432027078;
>> bh=fAK46wh0L4gFk+8+jo6UW0qH58ckLjzME9PLXmNZf2M=;
>> h=Date:To:From:Subject;
>> b=EC6FWURdpXuoNazcDj2Bt8i9P7nKKeH9xUQD7AdvzFPUqB3lS9wtIs5+OqQeRXpj0
>> bdmtKAkOa3SfcC2IXT9Tn+DfgkRbGj1gM0uNcFdevDzVXIndXdrckEFOIO2p8s/sO1
>> BwRBwc3B3ZdL4YBnz7iddktwWwtXPWOWdGeGKOb4=
>>
>
> That's a digital signature (specifically, the base64 encoding of the
> SHA256 hash of the header block after being encrypted with the private key
> that matches your public key).
>
> They aren't supposed to be the same thing.
>
> -MSK
>

Received on Tue May 19 2015 - 23:08:14 PST

This archive was generated by hypermail 2.3.0 : Tue May 19 2015 - 23:18:02 PST