The presence of an Authentication-Results: header field for both domainkeys and
dkim is evidence of success.
From: dkim-ops-bounces(_at_)mipassoc(_dot_)org
[mailto:dkim-ops-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Ernie Grossmann
Sent: Sunday, April 11, 2010 10:47 PM
To: johnl(_at_)taugh(_dot_)com; dkim-ops(_at_)mipassoc(_dot_)org
Subject: Re: [dkim-ops] No signature on incoming mail
Date: Sun, 11 Apr 2010 03:00:53 +0000
From: johnl(_at_)taugh(_dot_)com
To: dkim-ops(_at_)mipassoc(_dot_)org
Subject: Re: [dkim-ops] No signature on incoming mail
CC: ernieg92(_at_)hotmail(_dot_)com
Do most senders *NOT* use DK or DKIM signatures? Do I have a problem
with my DNS?
Most mail is still unsigned, but the signed fraction is considerably
above 0.01%.
How can I troubleshoot/fix?
Send yourself mail from a Yahoo or Gmail account, both of which sign
their mail, and turn on all the log options to see what's happening.
R's,
John
Thanks for the info. I think I *may* have figured it out. Knowing that not
much mail is signed is helpful.
Amavis-new does check domain key signatures. But I also have the dkim-filter
installed.
When sending from my Yahoo account to my personal account (on mail server),
there is no log entry for dkim-filter daemon (almost all mail says "no
signature data"). I have not (figured out how to) enable verbose logging, so
I'm assuming the absence of a dkim-filter message in the mail.log means no
error.
The header from the actual email is (usernames removed):
Return-Path: <@yahoo.com<mailto:2(_at_)yahoo(_dot_)com>>
X-Original-To: @edge06.net<mailto:e(_at_)edge06(_dot_)net>
Delivered-To: @edge06.net<mailto:e(_at_)edge06(_dot_)net>
Received: from localhost (bluebird01 [127.0.0.1])
by bluebird01.edge06.net (Postfix) with ESMTP id CABEC175E6
for <@edge06.net<mailto:e(_at_)edge06(_dot_)net>>; Sun, 11 Apr 2010 22:39:18
-0600 (MDT)
Authentication-Results: bluebird01.edge06.net; domainkeys=pass (testing)
header(_dot_)from=(_at_)yahoo(_dot_)com<mailto:header(_dot_)from=(_at_)yahoo(_dot_)com>
Authentication-Results: bluebird01.edge06.net; dkim=pass
(1024-bit key; insecure key)
header(_dot_)i=(_at_)yahoo(_dot_)com<mailto:header(_dot_)i=(_at_)yahoo(_dot_)com>;
x-dkim-adsp=none (insecure policy)
X-Virus-Scanned: Debian amavisd-new at edge06.net
X-Spam-Flag: NO
X-Spam-Score: -1.782
X-Spam-Level:
X-Spam-Status: No, score=-1.782 tagged_above=-999 required=3.5
tests=[AWL=-0.314, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13,
HTML_MESSAGE=0.001] autolearn=no
Authentication-Results: bluebird01.edge06.net (amavisd-new);
domainkeys=softfail (invalid, public key: DNS query timeout for
s1024._domainkey.yahoo.com)
header(_dot_)from=(_at_)yahoo(_dot_)com<mailto:header(_dot_)from=(_at_)yahoo(_dot_)com>
Received: from bluebird01.edge06.net ([127.0.0.1])
by localhost (bluebird01.edge06.net [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id C6Qzfc7EaePr for <@edge06.net<mailto:e(_at_)edge06(_dot_)net>>;
Sun, 11 Apr 2010 22:38:46 -0600 (MDT)
Received: from web56506.mail.re3.yahoo.com (web56506.mail.re3.yahoo.com
[66.196.97.35])
by bluebird01.edge06.net (Postfix) with SMTP id 5AF7DD14
for <@edge06.net<mailto:e(_at_)edge06(_dot_)net>>; Sun, 11 Apr 2010 22:38:35
-0600 (MDT)
Authentication-Results: bluebird01.edge06.net; domainkeys=pass (testing)
header(_dot_)from=(_at_)yahoo(_dot_)com<mailto:header(_dot_)from=(_at_)yahoo(_dot_)com>
Authentication-Results: bluebird01.edge06.net; dkim=pass
(1024-bit key; insecure key)
header(_dot_)i=(_at_)yahoo(_dot_)com<mailto:header(_dot_)i=(_at_)yahoo(_dot_)com>;
x-dkim-adsp=none (insecure policy)
Received: (qmail 59893 invoked by uid 60001); 12 Apr 2010 04:38:35 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024;
t=1271047115; bh=FYv+TRcRZ3oSKb649dCiT53VuO6BIlx7TSHt498BRrU=;
h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type;
b=THkLxHyCYZGqlb1S0cyLp0eBOvqUAlE1lWKcoFTqyBLNjmBx/DSw7jKP8fDckChY+aavfJhwK4zZulhS4VKHWUOICnqJNWnhfwZDJLBoZjY+x3zFWvmcIRgcXNn9NvzDIqxDHhP57bEMGaHE2/WqbPy5b2hZfRkVHJrrfyzLo/c=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type;
b=UTwmtNhSk7Yw9kum0YW0AczEh+LnR1qnENx6Nsg9U4mG5POsvjoTRO1i9yUCG5q12sMngnWgh0fVOoA8nGfR2S8NO8t0FAYtmWE2zw/bIPN8kEaAKpJzAyqTN9MTRuk0JzrRjFP7HbetyfcXJKpssWjo5ysF6sLOSI0PpxRT1f4=;
Message-ID:
<441721(_dot_)59871(_dot_)qm(_at_)web56506(_dot_)mail(_dot_)re3(_dot_)yahoo(_dot_)com<mailto:441721(_dot_)59871(_dot_)qm(_at_)web56506(_dot_)mail(_dot_)re3(_dot_)yahoo(_dot_)com>>
X-YMail-OSG: uTEm18sVM1kpsuQ_8QOu1Ofbv3fepmBeMKI_oEogP1qjljE
qVHVuwNFacPRoiqoiGVwe63mooJku20dIe23bJ3qOfXa_YpLH3LClNwgDVL5
WN.8Z5jeGgEkkqozHdFLWGHq5aEmfz3LPgeU2eLASfh43DY_tDDfBtkUs2fQ
ttMXGjB7FWrWwty0gNcvQxjkR9woo_aq7e3cI6pNe0Mz6E4Erl4eoNRWVXnt
M4c6oNh5SGd5kourh8_F7JGAFz2DXd89cPGF2vjwpkmrZkIti0uCofTp3.Ad
i.nzZ4vOVpSo-
Received: from [63.230.70.220] by web56506.mail.re3.yahoo.com via HTTP; Sun, 11
Apr 2010 21:38:35 PDT
X-Mailer: YahooMailRC/348.3 YahooMailWebService/0.8.100.260964
Date: Sun, 11 Apr 2010 21:38:35 -0700 (PDT)
That appears to be a good signature, correct?
If so, then I guess I'll need to contact the amavis mailing list to figure out
why it is failing on the signature verification since dkim-filter is okay.
Thanks again.
Ernie Grossmann
________________________________
The New Busy is not the old busy. Search, chat and e-mail from your inbox. Get
started.<http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_3>
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops