I had set up Postfix to check incoming mails for DK sigs but when I did
that, I was no longer able to DISCARD emails sent by known spammers and spam
networks. That was not
acceptable, so SpamAssassin provides me with another way of doing it,
without breaking any Postfix
functionality.
I
Benny Pedersen wrote:
I had set up Postfix to check incoming mails for DK sigs but when I did
that, I was no longer able to DISCARD emails sent by known spammers and spam
networks. That was not
acceptable, so SpamAssassin provides me with another way of doing it,
without breaking any Postfix
Pollywog wrote on Tue, 13 Dec 2005 23:35:25 +:
Is it just a problem for Yahoo domains?
I didn't know of any other domains doing this. Now that I know gmail does it as
well I can look out for gmail mails ...
Maybe the problem is Yahoo because I
have gotten a few DK_VERIFIED emails
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kai Schaetzl writes:
Pollywog wrote on Tue, 13 Dec 2005 23:35:25 +:
Maybe the problem is Yahoo because I
have gotten a few DK_VERIFIED emails though most that specify DK
anything just specify one of the other tags, not the VERIFIED tag.
Not
On 12/14/2005 11:31 am, Kai Schaetzl wrote:
Pollywog wrote on Tue, 13 Dec 2005 23:35:25 +:
Is it just a problem for Yahoo domains?
I didn't know of any other domains doing this. Now that I know gmail does
it as well I can look out for gmail mails ...
Maybe the problem is Yahoo
Justin Mason wrote on Wed, 14 Dec 2005 11:19:41 -0800:
All the other DK hits just mean that DK headers were *found*, not that
they validated as correct in any way.
Yeah, that's why I would like to see some DK_verified ;-)
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive
Pollywog wrote on Wed, 14 Dec 2005 21:25:55 +:
I meant that since I am getting some mails with DK_VERIFIED, it might mean
that something is broken with Yahoo's DK, if you are not getting DK_VERIFIED
in Yahoo mails.
Or it's broken on my end ;-) After all, I have none of these hits at
wrote on Tue, 13 Dec 2005 15:12:05 +1300:
...and sure enough, elandsys.com does not match dk.elandsys.com.
Going from that I looked at the Yahoo Groups messages I recently got:
From: [EMAIL PROTECTED]
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=lima;
d=yahoogroups.com;
Do I
At 06:30 13-12-2005, Kai Schaetzl wrote:
Going from that I looked at the Yahoo Groups messages I recently got:
From: [EMAIL PROTECTED]
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=lima;
d=yahoogroups.com;
Do I understand it correctly that d should match the sender's domain? In
that case
Sm wrote on Tue, 13 Dec 2005 12:41:09 -0800:
Yes, it should match the sending domain. You should verify the
Sender: header as well.
Well, the *Sender* domain does match, but not the envelope from or the
header from. I don't know what SA uses for matching, but I think there's
something else
On 12/13/2005 10:31 pm, Kai Schaetzl wrote:
Sm wrote on Tue, 13 Dec 2005 12:41:09 -0800:
Yes, it should match the sending domain. You should verify the
Sender: header as well.
Well, the *Sender* domain does match, but not the envelope from or the
header from. I don't know what SA uses for
On 12/13/2005 11:35 pm, Pollywog wrote:
I had set up Postfix to check incoming mails for DK sigs but when I did
that, I was no longer able to DISCARD emails sent by known spammers and
spam networks. That was not acceptable, so SpamAssassin provides me with
another way of doing it, without
On Wed, December 14, 2005 00:39, Pollywog wrote:
acceptable, so SpamAssassin provides me with another way of doing it,
without breaking any Postfix
functionality.
I don't like to reject spam, I prefer to DISCARD so that the innocent
bystanders that own the addresses the spammers forged are
On 12/12/2005 01:31 pm, Kai Schaetzl wrote:
I enabled the DomainKeys plugin way back, but didn't have much to play for
it. Now I'm subscribed to a group at yahoogroups.com and am getting mails
from Yahoo with:
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=lima;
d=yahoogroups.com;
Kai Schaetzl wrote:
I enabled the DomainKeys plugin
...
Shouldn't it be able to verify the signature? Do I need to have an
additional Perl module or some local certificate store?
Yup, and it works for me. But Mail::DomainKeys changed their API and I had to
apply a patch.
See this blog
Pollywog wrote:
On 12/12/2005 01:31 pm, Kai Schaetzl wrote:
I enabled the DomainKeys plugin way back, but didn't have much to play for
it. Now I'm subscribed to a group at yahoogroups.com and am getting mails
from Yahoo with:
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=lima;
On 12/12/2005 06:08 pm, [EMAIL PROTECTED] wrote:
Kai Schaetzl wrote:
I enabled the DomainKeys plugin
...
Shouldn't it be able to verify the signature? Do I need to have an
additional Perl module or some local certificate store?
Yup, and it works for me. But Mail::DomainKeys changed
Pollywog wrote:
Can't locate Mail/DomainKeys/Message.pm in @INC
There's your problem... the DomainKeys plugin requires the Mail::DomainKeys
package. Install that, apply the patch to the plugin, and you should be
good-to-go.
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
On 12/12/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Kai Schaetzl wrote: I enabled the DomainKeys plugin... Shouldn't it be able to verify the signature? Do I need to have an
additional Perl module or some local certificate store?Yup, and it works for me.But Mail::DomainKeys changed their API
wrote on Mon, 12 Dec 2005 10:08:30 -0800:
Yup, and it works for me. But Mail::DomainKeys changed their API and I
had to apply a patch.
See this blog entry:
http://saintaardvarkthecarpeted.com/blog/?p=220
Thanks, I read the bugzilla and checked my version. I still have 0.18.
Seems
On 12/12/2005 06:36 pm, Pollywog wrote:
Same as before the patch. I am using Spamassassin 3.1.0a-1 from a Debian
Sarge package compiled and installed on a Xandros 3 system.
I think it is from Debian unstable not Sarge.
Yes, they call it unstable for a reason :)
8)
Bill Baird wrote on Mon, 12 Dec 2005 13:56:02 -0500:
This link has more details about the patch -
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4623
Thanks, but the blog contains a link to the bugzilla, anyway :-)
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive
Kai Schaetzl wrote on Mon, 12 Dec 2005 20:01:08 +0100:
Ok, patch run worked flawless. Now let's see if I get a different result
next time I get a mail from Yahoo.
Still getting message has an unverified signature. Hm?
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet
On 12/12/2005 07:58 pm, Kai Schaetzl wrote:
Kai Schaetzl wrote on Mon, 12 Dec 2005 20:01:08 +0100:
Ok, patch run worked flawless. Now let's see if I get a different result
next time I get a mail from Yahoo.
Still getting message has an unverified signature. Hm?
Perhaps something is broken
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kai Schaetzl writes:
Kai Schaetzl wrote on Mon, 12 Dec 2005 20:01:08 +0100:
Ok, patch run worked flawless. Now let's see if I get a different result
next time I get a mail from Yahoo.
Still getting message has an unverified signature. Hm?
It's
[EMAIL PROTECTED] wrote:
Kai Schaetzl writes:
Kai Schaetzl wrote on Mon, 12 Dec 2005 20:01:08 +0100:
Ok, patch run worked flawless. Now let's see if I get a different
result next time I get a mail from Yahoo.
Still getting message has an unverified signature. Hm?
It's pretty easy for
Pollywog wrote on Mon, 12 Dec 2005 20:05:40 +:
Perhaps something is broken on the Yahoo side.
Don't think so. I used the two auto-responders at
http://www.elandsys.com/resources/sendmail/domainkeys.html
to try it. It shows the same as the Yahoo messages, so I suppose, there's
something on
wrote on Mon, 12 Dec 2005 12:36:17 -0800:
0.0 DK_POLICY_SIGNSOME Domain Keys: policy says domain signs some mails
0.0 DK_POLICY_TESTING Domain Keys: policy says domain is testing DK
Yeah, this is what I got with the Yahoo mails as well. Haven't got in any
Yahoo mail since
Justin Mason wrote on Mon, 12 Dec 2005 12:32:21 -0800:
If you want a post-mortem, it might be worth forwarding a full message
with all headers...
Well, just saving it from my mail program may have broken it. I understand
that it's a filigrane method, that's probably why it's bound to fail in
Kai Schaetzl wrote:
Justin Mason wrote on Mon, 12 Dec 2005 12:32:21 -0800:
If you want a post-mortem, it might be worth forwarding a full
message with all headers...
...
As you see all tests result in cannot load message using
Mail::DomainKeys::Message.
Do you have Mail::DomainKeys
wrote on Mon, 12 Dec 2005 13:48:28 -0800:
Do you have Mail::DomainKeys installed?
Yes. If the plugin is enabled, but Mail::DomainKeys is not installed you
get --lint warnings.
That is, does this command
print 1 or an error?
$ perl -e use Mail::DomainKeys::Message;
print 1;
Sure,
On 12/12/2005 09:13 pm, Kai Schaetzl wrote:
Pollywog wrote on Mon, 12 Dec 2005 20:05:40 +:
Perhaps something is broken on the Yahoo side.
Don't think so. I used the two auto-responders at
http://www.elandsys.com/resources/sendmail/domainkeys.html
to try it. It shows the same as the
Pollywog wrote on Mon, 12 Dec 2005 22:29:29 +:
I applied it to the DomainKeys.pm file... was that incorrect?
It will patch against this path:
lib/Mail/SpamAssassin/Plugin/DomainKeys.pm
from the root of your source. If you installed it against the installed
.pm or against the devel package
On 12/12/2005 11:13 pm, Kai Schaetzl wrote:
Pollywog wrote on Mon, 12 Dec 2005 22:29:29 +:
I applied it to the DomainKeys.pm file... was that incorrect?
It will patch against this path:
lib/Mail/SpamAssassin/Plugin/DomainKeys.pm
from the root of your source. If you installed it against
Pollywog wrote:
/usr/share/perl5/Mail/SpamAssassin/Plugin/DomainKeys.pm
That is the file I patched and there were no errors.
Have you looked at the .pm file and verified that the new code is in place?
Do you run spamd? If so have you shut it down and started it up again?
--
On 12/13/2005 12:08 am, [EMAIL PROTECTED] wrote:
Pollywog wrote:
On 12/12/2005 11:50 pm, [EMAIL PROTECTED] wrote:
Pollywog wrote:
/usr/share/perl5/Mail/SpamAssassin/Plugin/DomainKeys.pm
That is the file I patched and there were no errors.
Have you looked at the .pm file and verified
Pollywog wrote:
perl -MMail::DomainKeys -e 'print $Mail::DomainKeys::VERSION'
[EMAIL PROTECTED]:~$ perl -MMail::DomainKeys -e 'print
$Mail::DomainKeys::VERSION'
Can't locate Mail/DomainKeys.pm in @INC (@INC
contains: /etc/perl /usr/local/lib/perl/5.8.4
/usr/local/share/perl/5.8.4
Pollywog wrote on Tue, 13 Dec 2005 00:12:06 +:
It would seem that the problem is something other than the plugin, perhaps my
PERL installation.
No, it just seems that the early suggestion to install Mail::DomainKeys
confused
you. You have to install that Perl module *plus* the SA
On 12/13/2005 12:17 am, [EMAIL PROTECTED] wrote:
Pollywog wrote:
perl -MMail::DomainKeys -e 'print $Mail::DomainKeys::VERSION'
[EMAIL PROTECTED]:~$ perl -MMail::DomainKeys -e 'print
$Mail::DomainKeys::VERSION'
Can't locate Mail/DomainKeys.pm in @INC (@INC
contains: /etc/perl
On 12/13/2005 12:31 am, Kai Schaetzl wrote:
Pollywog wrote on Tue, 13 Dec 2005 00:12:06 +:
It would seem that the problem is something other than the plugin,
perhaps my PERL installation.
No, it just seems that the early suggestion to install Mail::DomainKeys
confused you. You have to
[EMAIL PROTECTED] (Justin Mason) writes:
It's pretty easy for normal mail transmission to break DK
signatures
It sure is. Kai's and Pollywog's problems prompted me to investigate
why my own DK plugin was not verifying signatures from Yahoo! and
gmail.com. I filled SA's DomainKeys plugin and
41 matches
Mail list logo
