Re: [GLLUG] British Gas DKIM failure?

Fri, 12 Jan 2024 08:21:57 -0800 

Hi,
So first of all, as far as I can see, British Gas's DMARC policy is set to "reject". 


BUT, the email is actually coming from MailJet, from the limited info 
below. I think what you need to check if you can, is what the name of 
the DKIM signature they are using actually is, and maybe that will give 
you some more info. I also can't see any reference to MailJet in their 
SPF, but my guess is that they are using MailJet in the envelope and 
then British Gas in the header.



And no, what MX toolbox can do in terms of DKIM is limited. It can look 
up the key, but that is about it. The DKIM tester I use require you to 
send them a test email, which you can't do.



So yes, there is a DKIM key for mailjet in their DNS, but no idea if 
they are using it correctly.



I suggest grepping your logs for "2F7612233E" as that should pull up all 
the the info related to that email from the point Postfix accepts the 
connection until it closes, and see if that tells you some more.


Regards,

Marco

On 12/01/2024 15:48, Henrik Morsing via GLLUG wrote:


Good afternoon,


Not dircetly Linux, sorry, but British Gas has spent the last year 
sending me letters saying they can't email me. When I look into it, 
their emails are rejected based on a bad DKIM signature.



The problem is, not receiving the email, how can I find out what the 
problem is? mxtoolbox says their setup is fine, but that surely can't 
check the signature inside one of their emails.



What is slightly odd is that DMARC policy is set to none, so shouldn't 
reject anything anyway.


I can't say I'm a DKIM/DMARC expert, but this is what I see:


Dec 22 12:37:12 emil opendkim[768]: 2F7612233E: s=mailjet 
d=britishgas.co.uk a=rsa-sha256 SSL error:04091068:rsa 
routines:int_rsa_verify:bad signature
Dec 22 12:37:13 emil opendmarc[3858740]: 2F7612233E: britishgas.co.uk 
fail
Dec 22 12:37:13 emil postfix/cleanup[3996586]: 2F7612233E: 
milter-reject: END-OF-MESSAGE from o94.p12.mailjet.com[87.253.237.94]: 
5.7.1 rejected by DMARC policy for britishgas.co.uk; 
from=<296f63a1.caaabphwdncaaaaaaaaaakg7asyaaycquv4aaaaaabbdggblh...@a1065858.bnc3.mailjet.com> 
to=<mors...@morsing.cc> proto=ESMTP helo=<o94.p12.mailjet.com>



Not sure where to go from here though. Smells like their problem to 
me, but I don't want to tell them that without proof. Any hints?


Regards,
Henrik Morsing



--
GLLUG mailing list
GLLUG@mailman.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/gllug






















					Reply via email to