[dkim-ops] No signature on incoming mail

Ernie Grossmann ernieg92 at hotmail.com
Sun Apr 11 22:47:04 PDT 2010


> Date: Sun, 11 Apr 2010 03:00:53 +0000
> From: johnl at taugh.com
> To: dkim-ops at mipassoc.org
> Subject: Re: [dkim-ops] No signature on incoming mail
> CC: ernieg92 at hotmail.com
> 
> >Do most senders *NOT* use DK or DKIM signatures? Do I have a problem
> >with my DNS?
> 
> Most mail is still unsigned, but the signed fraction is considerably
> above 0.01%.
> 
> > How can I troubleshoot/fix?
> 
> Send yourself mail from a Yahoo or Gmail account, both of which sign
> their mail, and turn on all the log options to see what's happening.
> 
> R's,
> John

Thanks for the info.  I think I *may* have figured it out.  Knowing that not much mail is signed is helpful.
 
Amavis-new does check domain key signatures.  But I also have the dkim-filter installed.
 
When sending from my Yahoo account to my personal account (on mail server), there is no log entry for dkim-filter daemon (almost all mail says "no signature data").  I have not (figured out how to) enable verbose logging, so I'm assuming the absence of a dkim-filter message in the mail.log means no error.
 
The header from the actual email is (usernames removed):
Return-Path: <@yahoo.com>
X-Original-To: @edge06.net
Delivered-To: @edge06.net
Received: from localhost (bluebird01 [127.0.0.1])
 by bluebird01.edge06.net (Postfix) with ESMTP id CABEC175E6
 for <@edge06.net>; Sun, 11 Apr 2010 22:39:18 -0600 (MDT)
Authentication-Results: bluebird01.edge06.net; domainkeys=pass (testing) header.from=@yahoo.com
Authentication-Results: bluebird01.edge06.net; dkim=pass
 (1024-bit key; insecure key) header.i=@yahoo.com;
 x-dkim-adsp=none (insecure policy)
X-Virus-Scanned: Debian amavisd-new at edge06.net
X-Spam-Flag: NO
X-Spam-Score: -1.782
X-Spam-Level: 
X-Spam-Status: No, score=-1.782 tagged_above=-999 required=3.5
 tests=[AWL=-0.314, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13,
 HTML_MESSAGE=0.001] autolearn=no
Authentication-Results: bluebird01.edge06.net (amavisd-new);
 domainkeys=softfail (invalid, public key: DNS query timeout for
 s1024._domainkey.yahoo.com) header.from=@yahoo.com
Received: from bluebird01.edge06.net ([127.0.0.1])
 by localhost (bluebird01.edge06.net [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id C6Qzfc7EaePr for <@edge06.net>;
 Sun, 11 Apr 2010 22:38:46 -0600 (MDT)
Received: from web56506.mail.re3.yahoo.com (web56506.mail.re3.yahoo.com [66.196.97.35])
 by bluebird01.edge06.net (Postfix) with SMTP id 5AF7DD14
 for <@edge06.net>; Sun, 11 Apr 2010 22:38:35 -0600 (MDT)
Authentication-Results: bluebird01.edge06.net; domainkeys=pass (testing) header.from=@yahoo.com
Authentication-Results: bluebird01.edge06.net; dkim=pass
 (1024-bit key; insecure key) header.i=@yahoo.com;
 x-dkim-adsp=none (insecure policy)
Received: (qmail 59893 invoked by uid 60001); 12 Apr 2010 04:38:35 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1271047115; bh=FYv+TRcRZ3oSKb649dCiT53VuO6BIlx7TSHt498BRrU=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=THkLxHyCYZGqlb1S0cyLp0eBOvqUAlE1lWKcoFTqyBLNjmBx/DSw7jKP8fDckChY+aavfJhwK4zZulhS4VKHWUOICnqJNWnhfwZDJLBoZjY+x3zFWvmcIRgcXNn9NvzDIqxDHhP57bEMGaHE2/WqbPy5b2hZfRkVHJrrfyzLo/c=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
  s=s1024; d=yahoo.com;
  h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type;
 b=UTwmtNhSk7Yw9kum0YW0AczEh+LnR1qnENx6Nsg9U4mG5POsvjoTRO1i9yUCG5q12sMngnWgh0fVOoA8nGfR2S8NO8t0FAYtmWE2zw/bIPN8kEaAKpJzAyqTN9MTRuk0JzrRjFP7HbetyfcXJKpssWjo5ysF6sLOSI0PpxRT1f4=;
Message-ID: <441721.59871.qm at web56506.mail.re3.yahoo.com>
X-YMail-OSG: uTEm18sVM1kpsuQ_8QOu1Ofbv3fepmBeMKI_oEogP1qjljE
 qVHVuwNFacPRoiqoiGVwe63mooJku20dIe23bJ3qOfXa_YpLH3LClNwgDVL5
 WN.8Z5jeGgEkkqozHdFLWGHq5aEmfz3LPgeU2eLASfh43DY_tDDfBtkUs2fQ
 ttMXGjB7FWrWwty0gNcvQxjkR9woo_aq7e3cI6pNe0Mz6E4Erl4eoNRWVXnt
 M4c6oNh5SGd5kourh8_F7JGAFz2DXd89cPGF2vjwpkmrZkIti0uCofTp3.Ad
 i.nzZ4vOVpSo-
Received: from [63.230.70.220] by web56506.mail.re3.yahoo.com via HTTP; Sun, 11 Apr 2010 21:38:35 PDT
X-Mailer: YahooMailRC/348.3 YahooMailWebService/0.8.100.260964
Date: Sun, 11 Apr 2010 21:38:35 -0700 (PDT)
 
That appears to be a good signature, correct?  
 
If so, then I guess I'll need to contact the amavis mailing list to figure out why it is failing on the signature verification since dkim-filter is okay.
 
Thanks again.
Ernie Grossmann
 
 
 		 	   		  
_________________________________________________________________
The New Busy is not the old busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_3
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mipassoc.org/pipermail/dkim-ops/attachments/20100411/f7e5476a/attachment.html 


More information about the dkim-ops mailing list