Re: Help Request: wrong body hash

From: David Flanigan <dave_at_flanigan.net>
Date: Mon, 27 Jul 2015 12:20:56 -0400

 

I have also tried to isolate based on encoding and mailer - all yield
the same result. I do not think there is anything in the line outside of
sendmail for outbound messages.

Here is my sendmail.mc, with comments removed just in case that is
helpful.

divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl
define(`confDEF_USER_ID', ``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS',
`authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN
PLAIN')dnl
define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/mail/certs/CAcert.pem')dnl
define(`confSERVER_CERT', `/etc/mail/certs/MYcert.pem')dnl
define(`confSERVER_KEY', `/etc/mail/certs/MYkey.pem')dnl
define(`confCLIENT_CERT', `/etc/mail/certs/MYcert.pem')dnl
define(`confCLIENT_KEY', `/etc/mail/certs/MYkey.pem')dnl
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
FEATURE(`accept_unresolvable_domains')dnl
LOCAL_DOMAIN(`flanigan.net')dnl
FEATURE(`relay_hosts_only')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
INPUT_MAIL_FILTER(`opendkim', `S=inet:8891_at_127.0.0.1')
---
Kind Regards, 
David
David Flanigan
Mobile: +1.513.560.8231
E: dave_at_flanigan.net W: http://www.flanigan.net
On 2015-07-27 09:42, David Flanigan wrote: 
> Andreas, 
> 
> I am using Sendmail (8.14.7) with the OpenDKIM (opendkim: OpenDKIM Filter v2.10.3)
> 
> I have the following line in my sendmail.mc: 
> INPUT_MAIL_FILTER(`opendkim', `S=inet:8891_at_127.0.0.1') 
> 
> The sendmail.mc compiles without error and /var/log/maillog shows it is at least processing mail both in and outbound. 
> 
> The only other software that interacts pre-sendmail, in one case, Round Cube Mail (which I use for webmail). However I have tried e-mail in via SMTP from my tablet and also direct mail from the command line into send mail with the same error. 
> 
> Below is my /etc/opendkim.conf file (comments removed to save space): 
> 
> PidFile /var/run/opendkim/opendkim.pid
> Mode sv
> Syslog yes
> SyslogSuccess yes
> LogWhy yes
> UserID opendkim:opendkim
> Socket inet:8891_at_localhost
> Umask 002
> SendReports yes
> ReportAddress "Flanigan.net Postmaster" <postmaster_at_flanigan.net>
> SoftwareHeader yes
> Canonicalization relaxed/simple
> Domain flanigan.net
> Selector default
> MinimumKeyBits 1024
> KeyFile /etc/opendkim/keys/default.private
> KeyTable /etc/opendkim/KeyTable
> SigningTable refile:/etc/opendkim/SigningTable
> InternalHosts refile:/etc/opendkim/TrustedHosts
> OversignHeaders From 
> FixCRLF yes 
> 
> ---
> 
> Kind Regards, 
> David
> 
> David Flanigan
> Mobile: +1.513.560.8231
> E: dave_at_flanigan.net W: http://www.flanigan.net
> 
> On 2015-07-27 09:14, A. Schulze wrote: 
> 
> David Flanigan:
> 
> Yet still I see, from testing, indications of the body hash being
> invalid. What could I be missing? Any advice greatly appreciated! 
> which MTA do you use?
> how is MTA and OpenDKIM connected?
> - MTA config
> - opendkim config
> which other software handle your messages on the way to a validator?
> 
> Andreas
 
-- 
Received on Mon Jul 27 2015 - 16:21:18 PST

This archive was generated by hypermail 2.3.0 : Mon Jul 27 2015 - 16:27:01 PST