Am 12.10.2014 um 12:19 schrieb shm...@riseup.net: > i wrote to the relevant dkim/dmarc lists but still i find the following > errors from opendkim/opendmarc consistently with every message > > could somebody please suggest which settings, if there are any within > postfix, that may alleviate these failures ? > > overall, on the other hand, i see many successful verifications as well > > but id like to know why some still fail > > surely it can't be that all gmail.com and google.com messages are > modified in transit, somehow > > ie. > > opendkim[3561]: : mail-wi0-f202.google.com [209.85.212.202] not internal > opendkim[3561]: : not authenticated > opendkim[3561]: : signature=lnkRpgLM domain=google.com selector=20120113 > result="signature verification failed" > opendkim[3561]: : s=20120113 d=google.com SSL error:04091068:rsa > routines:INT_RSA_VERIFY:bad signature > opendkim[3561]: : bad signature data > opendmarc[3526]: : google.com fail > > opendkim[4560]: : n13-vm7.bullet.mail.ne1.yahoo.com [98.138.121.231] not > internal > opendkim[4560]: : not authenticated > opendkim[4560]: : signature=B+PrvMlb domain=yahoo.com selector=s2048 > result="signature verification failed" > opendkim[4560]: : s=s2048 d=yahoo.com SSL error:04091068:rsa > routines:INT_RSA_VERIFY:bad signature > opendkim[4560]: : bad signature data > opendmarc[26995]: : dmarc.yahoo.com none > > opendkim[8288]: : snip1.dnsops.gov [129.6.100.200] not internal > opendkim[8288]: : not authenticated > opendkim[8288]: : signature=PrBejfsW domain=had-pilot.biz > selector=mailkey result="signature verification failed" > opendkim[8288]: : s=mailkey d=had-pilot.biz SSL error:04091068:rsa > routines:INT_RSA_VERIFY:bad signature > opendkim[8288]: : bad signature data > opendmarc[26995]: : had-pilot.biz none > > the operator of had-pilot believes and is is confident their dkim sigs > are correct >
double check your dmarc milter setup, it s very tricky with postfix, make sure mail is not altered on its way ( which might brake dkim ) Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
