On 13/04/21 7:40 pm, richard lucassen wrote:
On Tue, 13 Apr 2021 00:16:42 -0400
Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:
On Mon, Apr 12, 2021 at 07:23:50PM +0200, richard lucassen wrote:
mail.info: Apr 12 18:01:16 opendkim[13977]: 828FE7F581: s=202103
d=example.com SSL error:0407008A:rsa
routines:RSA_padding_check_PKCS1_type_1:invalid padding; error:
04067072:rsa routines:rsa_ossl_public_decrypt:padding check failed
An RSA signature is either slightly garbled, or is being verified with
the wrong key (not the one that did the signing). The validator
detects a PKCS#1 padding error after decrypting with the public key.
I'm inclined to guess wrong key, but minor corruption in the signature
value that preserves the overall length is also possible.
Yes, but why 1 minute ok, 1 minute errors, 1 minute ok, etc etc?
What's the TTL on the dkim TXT DNS record?
Peter
