Re: OpenDKIM bug ? from Ole Frendved Hansen on 2019-01-10 (OpenDKIM Users mailing list)

From: Ole Frendved Hansen <ole.frendved.hansen_at_deic.dk>
Date: Thu, 10 Jan 2019 18:29:15 +0000

Hi Ken,

But the problem could steam from DNS-problem in your installation?

Referring to the sample in your first post:
[sample start]
failed to parse Authentication-Results: header field

key retrieval failed (s=selector1-Q2e-onmicrosoft-com, d=Q2e.onmicrosoft.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2FQ2e.onmicrosoft.com&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Cdc89ccec4d474d2e8b0008d677155dfe%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C1%7C636827331011749542&sdata=vsEsJ3Sd9xYZ6bvk0Cr%2F2p%2FyeHTlugX0WDrXjWZTLgk%3D&reserved=0>): 'selector1-Q2e-onmicrosoft-com._domainkey.Q2e.onmicrosoft.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdomainkey.Q2e.onmicrosoft.com&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Cdc89ccec4d474d2e8b0008d677155dfe%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C1%7C636827331011905786&sdata=6dleojM7Fy3w85mlBcC2fgYjAogeIE3KE7emUiPKrN8%3D&reserved=0>' query failed
[sample end]
I can look up the key easily:
Query: selector1-Q2e-onmicrosoft-com._domainkey.Q2e.onmicrosoft.com<http://domainkey.Q2e.onmicrosoft.com>
Response:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtFzLYI19GpU/IyAjIxj1OPYUaH/yw28tk8r9qsIMA3KBawuYxmypWEju36fCZDJbMGsTYqJKqvMZ7ZapgGlIs/6cq1VpfAC252hABuDhplPidECPz78HzCumqgot+lEWcy9DvjJmk40AnnAIe5g7F9zt8DH8hjWhQj9JOy6xoVwIDAQAB; n=1024,1452993956,1

Best regards,

Ole
--
ole.frendved.hansen_at_deic.dk<mailto:ole.frendved.hansen_at_deic.dk>
DeiC, Danish e-Infrastructure Cooperation, www.deic.dk<http://www.deic.dk>

Den 10. jan. 2019 kl. 19.01 skrev Ken <kenfcamp_at_gmail.com<mailto:kenfcamp_at_gmail.com>>:

For those following this, the test with Angelo using Outlook via Office 356 resulted in the same
results I've been seeing

On Thu, Jan 10, 2019 at 11:44 AM Ken <kenfcamp_at_gmail.com<mailto:kenfcamp_at_gmail.com>> wrote:
Thanks for the offer Angelo

I think based on the amount of domains this is happening with along with the fact it only happens with a very specific sending environment it's confirmed.

But if you'd like to try, you can send an email to kenfcamp_at_campbus.com<mailto:kenfcamp_at_campbus.com>.
I'd assume Outlook via O365 would be a good place to start, but I'm only guessing on what's being used based on the companies involved.

Ken

On Thu, Jan 10, 2019 at 11:28 AM Fazzina, Angelo <angelo.fazzina_at_uconn.edu<mailto:angelo.fazzina_at_uconn.edu>> wrote:
Hi, I am willing to help conduct a test.
What email address do you want me to send to ?

Should I send using telnet commands or you want me to send with Outlook or T-bird client ?
My domain _at_uconn.edu<http://uconn.edu/> is on O365 but I have access to other smtp servers if you want me to send from them.

Then you can check your logs again….
Pretty sure we have default setup in O365 but I have opendkim setup on some smtp servers.

-ANGELO FAZZINA

ITS Service Manager:
Spam and Virus Prevention
Mass Mailing
G Suite/Gmail

angelo_at_uconn.edu<mailto:angelo_at_uconn.edu>
University of Connecticut, ITS, SSG, Server Systems
860-486-9075

From: opendkim-users-bounce_at_lists.opendkim.org<mailto:opendkim-users-bounce_at_lists.opendkim.org> <opendkim-users-bounce_at_lists.opendkim.org<mailto:opendkim-users-bounce_at_lists.opendkim.org>> On Behalf Of Ken
Sent: Thursday, January 10, 2019 10:34 AM
To: opendkim-users_at_lists.opendkim.org<mailto:opendkim-users_at_lists.opendkim.org>
Subject: OpenDKIM bug ?

I'm currently running OpenDKIM 2.10.3
I'm seeing instances (thousands per day) where verification's fail with:
[sample start]
failed to parse Authentication-Results: header field

key retrieval failed (s=selector1-Q2e-onmicrosoft-com, d=Q2e.onmicrosoft.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2FQ2e.onmicrosoft.com&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Cdc89ccec4d474d2e8b0008d677155dfe%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C1%7C636827331011749542&sdata=vsEsJ3Sd9xYZ6bvk0Cr%2F2p%2FyeHTlugX0WDrXjWZTLgk%3D&reserved=0>): 'selector1-Q2e-onmicrosoft-com._domainkey.Q2e.onmicrosoft.com<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdomainkey.Q2e.onmicrosoft.com&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7Cdc89ccec4d474d2e8b0008d677155dfe%7C17f1a87e2a254eaab9df9d439034b080%7C0%7C1%7C636827331011905786&sdata=6dleojM7Fy3w85mlBcC2fgYjAogeIE3KE7emUiPKrN8%3D&reserved=0>' query failed
[sample end]
This is occurring with legitimate sources.
Banks, Stores, Technology companies, and seems to be limited to any domain using what appears to be Outlook/Office 365

If it were one off (one domain out of thousands) I could easily chalk it up to bad sender configuration. But it's not, it's thousands of emails from hundreds of (valid) senders a day
Any insight would be appreciated
Thank you

Received on Thu Jan 10 2019 - 18:29:37 PST

This archive was generated by hypermail 2.3.0 : Fri Jan 11 2019 - 06:00:00 PST