On Sun 04/Sep/2022 14:17:25 +0200 Benny Pedersen wrote:
ARC-Authentication-Results: i=1; mx.pao1.isc.org;
  dmarc=pass (p=none dis=none) header.from=tana.it;
  spf=pass smtp.mailfrom=tana.it;
  dkim=permerror (0-bit key) header.d=tana.it header.i=@tana.it


That stanza is faulty. The key at epsilon._domainkey.tana.it is 256 bits, like all ed25519 keys, not 0. Presumably ISC's DKIM filter doesn't support RFC8463.


  header.b=j8VJHYFh; dkim=pass (1152-bit key;
  unprotected) header.d=tana.it header.i=@tana.it header.b=DBspF3JP


The second signature, rsa, succeeds. However, why unprotected? Presumably the library used by ISC's DKIM filter doesn't support DNSSEC.


you have a invalid dkim signing, fix that


Nothing to fix on my side.


note you on top of that dkim double sign

one is working, one is failing


That's why I put two.


Best
Ale
--





--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to