--- Kind Regards, David David Flanigan E: dave_at_flanigan.net W: http://www.flanigan.net On 2015-07-26 20:55, David Flanigan wrote: > Hello all, > > I run a fairly small mail server and have been trying to get DKIM to work. I have it working most of the way working except for one item which has me stumped. > > All of the message I send fail the body hash, and I am not sure how that can be. I am not, I believe doing anything to them outbound that would cause the message to change. > > When I send a message to the wonderful port25.com verifier (and, yes others - including checking through my gmail) I end up with something like this the below. > > I have enabled "FixCRLF yes" in my .conf file just be sure it was nothing related to line feeds. > > I do verify that the outbound messages appeared to be tagged properly: > > _Jul 26 20:42:44 ns1 opendkim[18206]: t6R0giTH019226: verifier.port25.com [38.95.177.125] not internal_ > _Jul 26 20:42:44 ns1 opendkim[18206]: t6R0giTH019226: not authenticated_ > _Jul 26 20:42:44 ns1 opendkim[18206]: t6R0giTH019226: DKIM verification successful_ > _Jul 26 20:42:44 ns1 sendmail[19226]: t6R0giTH019226: Milter insert (1): header: Authentication-Results: ns1.flanigan.net;\n\tdkim=pass (2048-bit key) header.d=port25.com header.i=auth-results_at_verifier.port25.com header.b=FBtckAcc_ > > Here is the detail: > > _DomainKeys check details:_ > _----------------------------------------------------------_ > _Result: neutral (message not signed)_ > _ID(s) verified: header.From=dave_at_flanigan.net_ > _DNS record(s):_ > > _----------------------------------------------------------_ > _DKIM check details:_ > _----------------------------------------------------------_ > _Result: fail (wrong body hash: expected bAwVZ/PDMKWfeiJMwnf+5ncCN3r0/4HrDlMozFBcP+A=)_ > _ID(s) verified: _ > _Canonicalized Headers:_ > _ to:check-auth_at_verifier.port25.com'0D''0A'_ > _ subject:testindkim'0D''0A'_ > _ date:Sun,'20'26'20'Jul'20'2015'20'20:42:38'20'-0400'0D''0A'_ > _ from:David'20'Flanigan'20'<dave_at_flanigan.net>'0D''0A'_ > _ reply-to:dave_at_flanigan.net'0D''0A'_ > _ dkim-signature:v=1;'20'a=rsa-sha256;'20'c=relaxed/simple;'20'd=flanigan.net;'20's=default;'20't=1437957759;'20'bh=QDseK73ng07OnUcjHPcNOB5+6qJaQCaNF0x0hZcx6O4=;'20'h=To:Subject:Date:From:Reply-To:From;'20'b=_ > > _Canonicalized Body:_ > _ --=_3604ca9a19c95053322a05d431ae9e27'0D''0A'_ > _ Content-Transfer-Encoding:'20'7bit'0D''0A'_ > _ Content-Type:'20'text/plain;'20'charset=US-ASCII'0D''0A'_ > _ '0D''0A'_ > _ '20''0D''0A'_ > _ '0D''0A'_ > _ testing'20'DKIM'20''0D''0A'_ > _ --'20''0D''0A'_ > _ '0D''0A'_ > _ '0D''0A'_ > _ --=_3604ca9a19c95053322a05d431ae9e27'0D''0A'_ > _ Content-Transfer-Encoding:'20'quoted-printable'0D''0A'_ > _ Content-Type:'20'text/html;'20'charset=UTF-8'0D''0A'_ > _ '0D''0A'_ > _ <html><head><meta'20'http-equiv=3D"Content-Type"'20'content=3D"text/html;'20'charset='0D''0A'_ > _ =3DUTF-8"'20'/></head><body'20'style=3D'27'font-size:'20'10pt;'20'font-family:'20'Verdana,Gen='0D''0A'_ > _ eva,sans-serif'27'>'0D''0A'_ > _ <p>testing'20'DKIM</p>'0D''0A'_ > _ <br>'0D''0A'_ > _ </body></html>'0D''0A'_ > _ '0D''0A'_ > _ --=_3604ca9a19c95053322a05d431ae9e27--'0D''0A'_ > > _I do run Mailscanner and Spamassassin but I do not think anything is happening outbound (i.e. Mailscanner watermarks are turned off, etc). _ > > _Any thoughts or hints would be greatly appreciated. _ > > -- > > Kind Regards, > David > > David Flanigan > E: dave_at_flanigan.net W: http://www.flanigan.net Links: ------ [1] http://dkimcore.org/c/keycheck" [2] http://dkim.org/ [3] http://opendkim.org/ --Received on Mon Jul 27 2015 - 12:57:01 PST
This archive was generated by hypermail 2.3.0 : Mon Jul 27 2015 - 13:00:01 PST