Re: "signature verification failed" (1024-bit key)

From: RISP System Administrator <sysadmin_at_ipns.com>
Date: Thu, 6 Aug 2015 16:46:27 -0700

SM -
We run all of our outgoing email through MailFoundry spam cleaners, which
adds some headers if we've whitelisted an outgoing email address. In our test case, one
of the accounts used is whitelisted and the other isn't. The one that went through
without the 'signature verification fail' is the one *with* the added headers; the other
without the added headers got the 'fail', which is very puzzling.
Would it help to
post both sets of headers?
Jim
(btw - new to the list. Do you prefer
pre-quote or post-quote replies?)




On Thu, August 6, 2015 2:21 pm, SM wrote:

> Hi Jim,

> At 01:43 PM 8/6/2015, RISP System Administrator wrote:

>>However. When testing, we're seeing this header (real domain munged):

>>DKIM-Filter: OpenDKIM Filter v2.10.3 mail02.domain.com 2832AF78062

>>Authentication-Results: mail02.domain.com; dkim=fail

>>reason="signature verification failed" (1024-bit key)

>>header.d=domain.com header.i=_at_domain.com header.b=CCeF8U5s

>>

>>I haven't been able to find out exactly what the issue is. We

>>created private keys and public keys using

>>http://www.dnswatch.info/dkim/create-dns-record, which sets up a 1024-bit
key.

>>

>>Where should I look or what should I do to correct this?

>

> The reason means that either the message header and/or the message

> body was modified after they were DKIM-signed. Are you running any

> software which might cause that?

>

> Regards,

> -sm

>

>

>
Received on Thu Aug 06 2015 - 23:47:14 PST

This archive was generated by hypermail 2.3.0 : Thu Aug 06 2015 - 23:54:00 PST