On Thu, 8 Jun 2006, SM wrote:
At 14:34 08-06-2006, Dan Mahoney, System Admin wrote:
>Okay. My results for every reflector listed on testing.dkim.org
>(with every possible signing mode) are here (and they're DISMAL):
Thanks for the notes on the autoresponders.
Your DKIM signature fails verification.
By the way -- can you tell WHY? I was signing using ietf-base-01, but am
about to switch over to the allman one shortly, it's had SLIGHTLY more
success than the others. (This message should be signed with it.) Which
method are you using to verify?
>In any case, no detail is mentioned about how these differ, unless I
>feel like reading the drafts (and no links are provided, even so it
>would be a TEDIOUS read).
You can find the drafts of the implementation in the dk/dkim milter
tarballs. The latest version of dkim-milter uses ietf-base-01 by default.
These are the files included with that:
Which one of them is supposed to represent allman-base-00? I've looked
(and looked) and I can't find an easy COMPARISON about what one spec has
and the other does not, how they are similar, how one spec can be
interepreted to be backwards compatible with another...or even which spec
is newer, and whather it supersedes any other and is considered more or
less acceptable. (As much as a "draft" standard can be).
The milter library claims that "The underlying library will adapt itself
to deal with signatures from any version of the specification as much as
possible" however I would have to assume this is with the assumption that
the library itself KNOWS about all the specs that exist -- obviously some
libraries which are in use now can pre-date some specs, which since they
all use the same header could cause failure.
>* Can anyone post contact addresses for issues with these
>reflectors? Ideally we need more info, such as: what testing method
>they're using, contact address, what standards they support.
You can post dkim-milter questions to the dkim-milter mailing
list. I'm copying this email to you as the one you receive from this
list will fail verification.
That wasn't a milter question, but some of the above ARE, and I'll be
mentioning that on those mailing lists shortly. DKIM seems like a cool
idea, but most of the documentation seems to be SERIOUSLY lacking.
"What's with the server farm down in the basement?"
-Spider, Three Skulls Commons at Selden House, 4/15/00
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
dkim-ops mailing list