On Sun 04/Sep/2022 14:17:25 +0200 Benny Pedersen wrote:
ARC-Authentication-Results: i=1; mx.pao1.isc.org; dmarc=pass (p=none dis=none) header.from=tana.it; spf=pass smtp.mailfrom=tana.it; dkim=permerror (0-bit key) header.d=tana.it header.i=@tana.it
That stanza is faulty. The key at epsilon._domainkey.tana.it is 256 bits, like all ed25519 keys, not 0. Presumably ISC's DKIM filter doesn't support RFC8463.
header.b=j8VJHYFh; dkim=pass (1152-bit key; unprotected) header.d=tana.it header.i=@tana.it header.b=DBspF3JP
The second signature, rsa, succeeds. However, why unprotected? Presumably the library used by ISC's DKIM filter doesn't support DNSSEC.
you have a invalid dkim signing, fix that
Nothing to fix on my side.
note you on top of that dkim double sign one is working, one is failing
That's why I put two. Best Ale -- -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users