It appears that Michael Thomas <m...@mtcc.com> said: > >On 4/3/22 12:12 PM, Bjørn Mork wrote: >> On a slightly related subject... This DKIM failure surprised me, but at >> least I verified that many NANOG subscribers have mailservers returning >> DMARC failure reports ;-) > >Oh wow, you should report that to Murray.
It's on Github, so you can open an issue and if you're feeling inspired a fork and a patch. There's currently 67 open issues and 15 pull requests so don't hold your breath. https://github.com/trusteddomainproject/OpenDKIM R's, John >> Bjørn Mork <bj...@mork.no> writes: >> >>> Authentication-Results: mx.google.com; >>> dkim=fail header.i=@mork.no header.s=b header.b=NB0BT8Ez; >>> spf=pass (google.com: best guess record for domain of >>> bj...@miraculix.mork.no >>> designates 2001:41c8:51:8a:feff:ff:fe00:e5 as permitted sender) >>> smtp.mailfrom=bj...@miraculix.mork.no; >>> dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=mork.no >>> Received: from canardo.dyn.mork.no ([IPv6:2a01:799:c9f:8600:0:0:0:1]) >>> (authenticated bits=0) >>> by louie.mork.no (8.15.2/8.15.2) with ESMTPSA id 233IGnGC342047 >>> (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK); >>> Sun, 3 Apr 2022 19:16:50 +0100 >>> Received: from miraculix.mork.no >>> ([IPv6:2a01:799:c9f:8602:8cd5:a7b0:d07:d516]) >>> (authenticated bits=0) >>> by canardo.dyn.mork.no (8.15.2/8.15.2) with ESMTPSA id 233IGnKb1147676 >>> (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK); >>> Sun, 3 Apr 2022 20:16:49 +0200 >>> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mork.no; s=b; >>> t=1649009809; bh=ZByFGHIiZPQYmJjQnCv16CXFZhKG8U3fTayR+Mx3piY=; >>> h=From:To:Cc:Subject:References:Date:Message-ID:From; >>> b=NB0BT8EzJBl2E3jzDaz7QY4C/utMGKFF+HCs8qjQFoHA4JHTD21ZkTk34jp2VOiJ0 >>> pYWHUNXCNaEBK44Hr4U96h5pfXor+dqo0cSuRPTLNnRsoLAQg2kqmQkvylagdeezZc >>> 4p+jQEQv5La2KbjzEIvW6iSGwwe4ltT9hu7h0H8U= >>> Received: (nullmailer pid 389787 invoked by uid 1000); >>> Sun, 03 Apr 2022 18:16:48 -0000 >>> From: =?utf-8?Q?Bj=C3=B8rn_Mork?= <bj...@mork.no> >>> To: Randy Bush <ra...@psg.com> >>> Cc: John Levine <jo...@iecc.com>, >>> "North American Network Operators' Group" <nanog@nanog.org> >>> Subject: Re: Gmail (thus Nanog) rejecting ipv6 email >>> Organization: m >>> References: <875ynqcvsl....@miraculix.mork.no> >>> <20220403164123.4ce413a4b...@ary.qy> <m28rsmjbu9.wl-ra...@psg.com> >>> Date: Sun, 03 Apr 2022 20:16:48 +0200 >>> In-Reply-To: <m28rsmjbu9.wl-ra...@psg.com> (Randy Bush's message of "Sun, 03 >>> Apr 2022 10:50:06 -0700") >>> Message-ID: <87v8vqav73....@miraculix.mork.no> >> >> Did a little testing, and it looks like opendkim create a bogus >> signature if a quoted-string diplay name in a To or Cc headers contains >> an apostrophe. Not good at all.
