Re: Help Request: wrong body hash from David Flanigan on 2015-07-27 (OpenDKIM Users mailing list)

From: David Flanigan <dave_at_flanigan.net>
Date: Mon, 27 Jul 2015 12:51:57 -0400

Ok - I have narrowed it down and it is NOT a DKIM issue - so apologies
for bothering you all needlessly.

There is a "\n--" or just a visible "--" being added to the end of the
mails, this is occurring post DKIM process. I do not remember ever
intentionally doing that - but then I do tinker a good bit.

So now I am off to find out where. It occurs with multiple users, and
occurs if I send via a web page, from the command line via "mail" and
even from mail sent via SMTP by local users.

Thanks for the help - if you have any ideas where to look for the
mysterious "--" please let me know.

---
Kind Regards, 
David
David Flanigan
Mobile: +1.513.560.8231
E: dave_at_flanigan.net W: http://www.flanigan.net
On 2015-07-27 12:20, David Flanigan wrote: 
> I have also tried to isolate based on encoding and mailer - all yield the same result. I do not think there is anything in the line outside of sendmail for outbound messages. 
> 
> Here is my sendmail.mc, with comments removed just in case that is helpful. 
> 
> divert(-1)dnl
> include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
> VERSIONID(`setup for linux')dnl
> OSTYPE(`linux')dnl
> define(`confDEF_USER_ID', ``8:12'')dnl
> define(`confTO_CONNECT', `1m')dnl
> define(`confTRY_NULL_MX_LIST', `True')dnl
> define(`confDONT_PROBE_INTERFACES', `True')dnl
> define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
> define(`ALIAS_FILE', `/etc/aliases')dnl
> define(`STATUS_FILE', `/var/log/mail/statistics')dnl
> define(`UUCP_MAILER_MAX', `2000000')dnl
> define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
> define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
> define(`confAUTH_OPTIONS', `A p')dnl
> TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> define(`confCACERT_PATH', `/etc/mail/certs')dnl
> define(`confCACERT', `/etc/mail/certs/CAcert.pem')dnl
> define(`confSERVER_CERT', `/etc/mail/certs/MYcert.pem')dnl
> define(`confSERVER_KEY', `/etc/mail/certs/MYkey.pem')dnl
> define(`confCLIENT_CERT', `/etc/mail/certs/MYcert.pem')dnl
> define(`confCLIENT_KEY', `/etc/mail/certs/MYkey.pem')dnl
> define(`confTO_IDENT', `0')dnl
> FEATURE(`no_default_msa', `dnl')dnl
> FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
> FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
> FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
> FEATURE(redirect)dnl
> FEATURE(always_add_domain)dnl
> FEATURE(use_cw_file)dnl
> FEATURE(use_ct_file)dnl
> FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
> FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
> FEATURE(`blacklist_recipients')dnl
> EXPOSED_USER(`root')dnl
> DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
> DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
> DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
> FEATURE(`accept_unresolvable_domains')dnl
> LOCAL_DOMAIN(`flanigan.net')dnl
> FEATURE(`relay_hosts_only')dnl
> MAILER(smtp)dnl
> MAILER(procmail)dnl
> INPUT_MAIL_FILTER(`opendkim', `S=inet:8891_at_127.0.0.1') 
> ---
> 
> Kind Regards, 
> David
> 
> David Flanigan
> Mobile: +1.513.560.8231
> E: dave_at_flanigan.net W: http://www.flanigan.net
> 
> On 2015-07-27 09:42, David Flanigan wrote: 
> 
> Andreas, 
> 
> I am using Sendmail (8.14.7) with the OpenDKIM (opendkim: OpenDKIM Filter v2.10.3)
> 
> I have the following line in my sendmail.mc: 
> INPUT_MAIL_FILTER(`opendkim', `S=inet:8891_at_127.0.0.1') 
> 
> The sendmail.mc compiles without error and /var/log/maillog shows it is at least processing mail both in and outbound. 
> 
> The only other software that interacts pre-sendmail, in one case, Round Cube Mail (which I use for webmail). However I have tried e-mail in via SMTP from my tablet and also direct mail from the command line into send mail with the same error. 
> 
> Below is my /etc/opendkim.conf file (comments removed to save space): 
> 
> PidFile /var/run/opendkim/opendkim.pid
> Mode sv
> Syslog yes
> SyslogSuccess yes
> LogWhy yes
> UserID opendkim:opendkim
> Socket inet:8891_at_localhost
> Umask 002
> SendReports yes
> ReportAddress "Flanigan.net Postmaster" <postmaster_at_flanigan.net>
> SoftwareHeader yes
> Canonicalization relaxed/simple
> Domain flanigan.net
> Selector default
> MinimumKeyBits 1024
> KeyFile /etc/opendkim/keys/default.private
> KeyTable /etc/opendkim/KeyTable
> SigningTable refile:/etc/opendkim/SigningTable
> InternalHosts refile:/etc/opendkim/TrustedHosts
> OversignHeaders From 
> FixCRLF yes 
> 
> ---
> 
> Kind Regards, 
> David
> 
> David Flanigan
> Mobile: +1.513.560.8231
> E: dave_at_flanigan.net W: http://www.flanigan.net
> 
> On 2015-07-27 09:14, A. Schulze wrote: 
> 
> David Flanigan:
> 
> Yet still I see, from testing, indications of the body hash being
> invalid. What could I be missing? Any advice greatly appreciated! 
> which MTA do you use?
> how is MTA and OpenDKIM connected?
> - MTA config
> - opendkim config
> which other software handle your messages on the way to a validator?
> 
> Andreas
 
--

Received on Mon Jul 27 2015 - 16:52:41 PST

This archive was generated by hypermail 2.3.0 : Mon Jul 27 2015 - 17:00:01 PST