Just noticed that the last I heard from this group was in March. Has it
been unusually quiet, or am I missing out?
On 31/03/2024 18:12, Henrik Morsing via GLLUG wrote:
Hi again,
I just installed the DKIM Verifier extension to Thunderbird on my
laptop and that fails the email as well. My laptop has OpenSSL 3.1.4,
so that has the bug as well.
Still no closer to fixing this though.
Regards,
Henrik Morsing
On Sun, Mar 31, 2024 at 03:30:47PM +0100, Henrik Morsing via GLLUG wrote:
Hi all,
Happy Easter. I have some days off, so finally had some time to look
at this.
Having disabled rejection in January gave me some more data to look
at and it became obvious that anyone using 1024-bit keys failed the
check and anyone using 2048-bit passed.
I found one person out there who said his DKIM checks started failing
on 1024-bit keys after he upgraded from OpenSSL 0.9.8 to 1.1.1 (My
current version) but sadly no replies.
So, my OpenSSL has a bug, I assume, but it's not really publicly
known and no-one seems very concerned about it? Seem very odd.
Tried to find somewhere in the configuration where a limit was set
but couldn't find anything and also find it odd if that was the case.
Regards,
Henrik Morsing
On Fri, Jan 12, 2024 at 03:48:17PM +0000, Henrik Morsing via GLLUG
wrote:
Good afternoon,
Not dircetly Linux, sorry, but British Gas has spent the last year
sending me letters saying they can't email me. When I look into it,
their emails are rejected based on a bad DKIM signature.
The problem is, not receiving the email, how can I find out what the
problem is? mxtoolbox says their setup is fine, but that surely
can't check the signature inside one of their emails.
What is slightly odd is that DMARC policy is set to none, so
shouldn't reject anything anyway.
I can't say I'm a DKIM/DMARC expert, but this is what I see:
Dec 22 12:37:12 emil opendkim[768]: 2F7612233E: s=mailjet
d=britishgas.co.uk a=rsa-sha256 SSL error:04091068:rsa
routines:int_rsa_verify:bad signature
Dec 22 12:37:13 emil opendmarc[3858740]: 2F7612233E:
britishgas.co.uk fail
Dec 22 12:37:13 emil postfix/cleanup[3996586]: 2F7612233E:
milter-reject: END-OF-MESSAGE from
o94.p12.mailjet.com[87.253.237.94]: 5.7.1 rejected by DMARC policy
for britishgas.co.uk;
from=<296f63a1.caaabphwdncaaaaaaaaaakg7asyaaycquv4aaaaaabbdggblh...@a1065858.bnc3.mailjet.com>
to=<mors...@morsing.cc> proto=ESMTP helo=<o94.p12.mailjet.com>
Not sure where to go from here though. Smells like their problem to
me, but I don't want to tell them that without proof. Any hints?
Regards,
Henrik Morsing
--
--
GLLUG mailing list
GLLUG@mailman.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/gllug
--
--
GLLUG mailing list
GLLUG@mailman.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/gllug
--
GLLUG mailing list
GLLUG@mailman.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/gllug