[dkim-ops] blackops.org fixed
Murray S. Kucherawy
msk at sendmail.com
Thu Jun 8 23:15:14 PDT 2006
On Thu, 8 Jun 2006, Dan Mahoney, System Admin wrote:
> Apologies for the horrid wrapping, but I'm not seeing the right header here:
>
> There should still be an Authentication-Results header if it's failing, yes?
As coded right now, that header is added on failed verifications only if
it got as far as deciding if the signature was both present and able to be
verified. In this case the latter condition was not met so no header was
added.
In particular, your published key record contains the tag "g=" with no
value. According to base-02 (and in fact I think all of the DKIM drafts),
that matches no users, so the key was used by an unauthorized user and
thus the signature was to be ignored. dkim-filter therefore acted like
there was no signature present.
If you change it to "g=*" (match all users, which is the default), you
should get a result.
More information about the dkim-ops
mailing list