On Mon, 19 Mar 2018 11:53:19 -0400
Bill Cole wrote:
> On 19 Mar 2018, at 11:29, Sebastian Arcus wrote:
>
> > I've been seeing a number of false positives recently from
> > T_DKIM_INVALID with Gmail emails. Are some Gmail servers
> > misconfigured,
> There
5 AM, Sebastian Arcus
wrote:
> On 19/03/18 15:53, Bill Cole wrote:
>
>> On 19 Mar 2018, at 11:29, Sebastian Arcus wrote:
>>
>> I've been seeing a number of false positives recently from T_DKIM_INVALID
>>> with Gmail emails. Are some Gmail servers misconfigured
On 19/03/18 15:53, Bill Cole wrote:
On 19 Mar 2018, at 11:29, Sebastian Arcus wrote:
I've been seeing a number of false positives recently from
T_DKIM_INVALID with Gmail emails. Are some Gmail servers
misconfigured, or could something be going on at my end? The DKIM
record which is fl
On 19 Mar 2018, at 11:29, Sebastian Arcus wrote:
I've been seeing a number of false positives recently from
T_DKIM_INVALID with Gmail emails. Are some Gmail servers
misconfigured, or could something be going on at my end? The DKIM
record which is flagged as invalid is below:
DKIM-Sign
, 2018 at 11:29 AM, Sebastian Arcus
wrote:
> I've been seeing a number of false positives recently from T_DKIM_INVALID
> with Gmail emails. Are some Gmail servers misconfigured, or could something
> be going on at my end? The DKIM record which is flagged as invalid is below:
>
&g
I've been seeing a number of false positives recently from
T_DKIM_INVALID with Gmail emails. Are some Gmail servers misconfigured,
or could something be going on at my end? The DKIM record which is
flagged as invalid is below:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relax
signature are tagged with T_DKIM_INVALID
When I save such an e-mail ( for example from Gmail ) and I run
spamassassin -t < savedmsg.eml
I get at the end of the trace the following lines
pts rule name descript
On 29-12-16 19:40, Marc Stürmer wrote:
> Zitat von Tom Hendrikx :
>
>> Did you file a ticket with them? I'm curious as to what they are saying
>> about it.
>
> Actually I got this info by their phone support, and the info was back
> then it's not supported and unlikely will be supported very soon
On Thu, 29 Dec 2016 11:35:13 +0100
Marc Stürmer wrote:
> Zitat von RW :
>
> > Are there really resolvers that can't handle it? My understanding is
> > that the relevant limit here is on the length of a string, 255
> > bytes. Yahoo have broken their DKIM TXT record into multiple short
> > strings
Zitat von Tom Hendrikx :
Did you file a ticket with them? I'm curious as to what they are saying
about it.
Actually I got this info by their phone support, and the info was back
then it's not supported and unlikely will be supported very soon.
Just like DNSSEC, they also don't offer it and
On 29-12-16 11:35, Marc Stürmer wrote:
> Zitat von RW :
>
>> Are there really resolvers that can't handle it? My understanding is
>> that the relevant limit here is on the length of a string, 255 bytes.
>> Yahoo have broken their DKIM TXT record into multiple short strings to
>> keep within the
Zitat von RW :
Are there really resolvers that can't handle it? My understanding is
that the relevant limit here is on the length of a string, 255 bytes.
Yahoo have broken their DKIM TXT record into multiple short strings to
keep within the limit.
There are still enough resolvers around which
On Mon, 26 Dec 2016 12:07:56 +0100
Marc Stürmer wrote:
> Zitat von Groach :
>
> > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.net;
> > s=s2048; t=1482596721;
>
> DKIM entries do live in DNS space. Not every DNS server software
> (and resolver) around is able to handle 2048
Zitat von Groach :
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.net;
s=s2048; t=1482596721;
DKIM entries do live in DNS space. Not every DNS server software (and
resolver) around is able to handle 2048 bit sized keys, which are 512
bytes.
If you want to be on the safe s
On 2016-12-24 19:50, Michael Orlitzky wrote:
> > All mail I get from yahoo customers [1] scores on T_DKIM_INVALID,
> > and always has. Why?
>
> Is there any correlation between the DKIM result and the size of the
> message?
Hmm. I got a few more messages from those domain
On 12/24/2016 11:05 AM, Ian Zimmerman wrote:
> All mail I get from yahoo customers [1] scores on T_DKIM_INVALID, and
> always has. Why?
>
Is there any correlation between the DKIM result and the size of the
message?
On 2016-12-24 16:32, Groach wrote:
> I have just done a test and do not get the same results as you. My
> yahoo incoming emails pass ok:
And yours passed for me, too. So it's only a subset of yahoo senders,
apparently :-(
> This might explain it:
> http://spamassassin.1065346.n5.nabble.com/
rch?q=T_DKIM_INVALID)
On 24/12/2016 16:05, Ian Zimmerman wrote:
All mail I get from yahoo customers [1] scores on T_DKIM_INVALID, and
always has. Why?
Maybe I can prepare a spample, but it will take some work to find a
privacy friendly specimen, since it obviously can't be altered.
[1
All mail I get from yahoo customers [1] scores on T_DKIM_INVALID, and
always has. Why?
Maybe I can prepare a spample, but it will take some work to find a
privacy friendly specimen, since it obviously can't be altered.
[1] same for hotmail, while other big domains get DKIM_VALID.
--
P
On 2016-06-24 21:25, G.H. (Spamassassin) wrote:
Found what the problem was.
Turns out spamd was running by default with the -L (Use local tests
only (no DNS)) parameter. Removed this and restarted de daemon and
voila:
+1, if just all was that simple :)
Found what the problem was.
Turns out spamd was running by default with the -L (Use local tests only
(no DNS)) parameter. Removed this and restarted de daemon and voila:
Jun 24 21:21:21 higis-s3 spamd[22778]: spamd: connection from localhost
[::1]:36303 to port 783, fd 5
Jun 24 21:21:21 higis-s3
On 2016-06-24 20:22, G.H. (Spamassassin) wrote:
I notice that the DNS whitelisting rules are missing too, and the SPF
rules are replaced by a custom rule LOCAL_SPF_PASS.
Correct, I made few SPF rules of my own but that could be the cause I
believe?
i see no spf pass ever here with spamassas
On 06/24/2016 07:53 PM, RW wrote:
> On Fri, 24 Jun 2016 18:20:35 +0200
> G.H. (Spamassassin) wrote:
>
>> Hello,
>>
>> Every incoming mail with valid DKIM-signatures is tagged with
>> T_DKIM_INVALID.
>> But when I run such a mail through spamassassin -t -D d
On Fri, 24 Jun 2016 18:20:35 +0200
G.H. (Spamassassin) wrote:
> Hello,
>
> Every incoming mail with valid DKIM-signatures is tagged with
> T_DKIM_INVALID.
> But when I run such a mail through spamassassin -t -D dkim < email it
> finds no errors?
> I already googled this
Hello,
Every incoming mail with valid DKIM-signatures is tagged with
T_DKIM_INVALID.
But when I run such a mail through spamassassin -t -D dkim < email it
finds no errors?
I already googled this but it always comes down to missing packages that
are being reported with the debug, but in my c
spampd reports
X-Spam-Rules:
TestsScores=(BAYES_95=3,BOGOFILTER_UNSURE=0.1,DIET_1=0.001,
DKIM_SIGNED=0.1,HTML_IMAGE_RATIO_02=0.437,HTML_MESSAGE=0.001,SPF_PASS=-0.1,
T_DKIM_INVALID=0.01)
opendkim reports:
Authentication-Results: duggi.junc.org;
dkim=pass (1024-bit key
On Fri, 2014-06-06 at 14:47 -0700, a pseudonymous Nabble user wrote:
> Thank you for you reply
>
> 1) I used gmail web interface, [...]
> 2) I looked at the original by going to the gmail web interface and
> selecting "show original"
In that case, it is not necessarily guaranteed the multipart b
On Fri, 2014-06-06 at 00:44 -0700, a pseudonymous Nabble user wrote:
> For whatever reason if I send an email from gmail when it arrives it's
> marked with T_DKIM_INVALID. I inspected the original and the result and
> there are a few differences. [...]
> 3) The last and I&#x
Thank you for you reply
1) I used gmail web interface, but now after you asked I tried sending from
iPad. Result is somewhat different. There is no multipart content type now,
but T_DKIM_INVALID is still present.
2) I looked at the original by going to the gmail web interface and
selecting "
On Fri, 2014-06-06 at 00:44 -0700, a pseudonymous Nabble user wrote:
> For whatever reason if I send an email from gmail when it arrives it's
> marked with T_DKIM_INVALID. I inspected the original and the result and
> there are a few differences.
By sending "from gmail&quo
On 06.06.14 00:44, zespri wrote:
For whatever reason if I send an email from gmail when it arrives it's
marked with T_DKIM_INVALID. I inspected the original and the result and
there are a few differences. Dkim header has this:
"h=mime-version:in-reply-to:references:da
I realize that this is not directly related to spam assassin, but I appeal to
all you helpful folk here.
For whatever reason if I send an email from gmail when it arrives it's
marked with T_DKIM_INVALID. I inspected the original and the result and
there are a few differences. Dkim header has
Please,
remove useless parts of the message. It's really hard to read it if you
quote everything and you can get trapped into responding the same mail
twice, and even wondering why I asked something you have replied already.
On 18.07.13 16:01, Ryan Braganza wrote:
Why is T_DKIM_IN
On 7/18/2013 6:51 AM, Ryan Braganza wrote:
On Thu, Jul 18, 2013 at 4:17 PM, Matus UHLAR - fantomas
mailto:uh...@fantomas.sk>> wrote:
On 18.07.13 16:01, Ryan Braganza wrote:
Why is T_DKIM_INVALID getting triggered for gmail ? I
have see
gt;>
>>> On 18.07.13 16:01, Ryan Braganza wrote:
>>>>
>>>>>
>>>>>> Why is T_DKIM_INVALID getting triggered for gmail ? I have seen this
>>>>>>> happening many times with my servers, the dkim gets passed , then why
>>>
On Thu, Jul 18, 2013 at 4:25 PM, Matus UHLAR - fantomas
wrote:
> On 18.07.13 16:21, Ryan Braganza wrote:
>
>> On Thu, Jul 18, 2013 at 4:17 PM, Matus UHLAR - fantomas
>> wrote:
>>
>> On 18.07.13 16:01, Ryan Braganza wrote:
>>>
>>>>
>>>&g
On 18.07.13 16:21, Ryan Braganza wrote:
On Thu, Jul 18, 2013 at 4:17 PM, Matus UHLAR - fantomas
wrote:
On 18.07.13 16:01, Ryan Braganza wrote:
Why is T_DKIM_INVALID getting triggered for gmail ? I have seen this
happening many times with my servers, the dkim gets passed , then why
does
this
On Thu, Jul 18, 2013 at 4:17 PM, Matus UHLAR - fantomas
wrote:
> On 18.07.13 16:01, Ryan Braganza wrote:
>>>
>>>> Why is T_DKIM_INVALID getting triggered for gmail ? I have seen this
>>>> happening many times with my servers, the dkim gets passed , then why
On 18.07.13 16:01, Ryan Braganza wrote:
Why is T_DKIM_INVALID getting triggered for gmail ? I have seen this
happening many times with my servers, the dkim gets passed , then why does
this invalid rule hit? Any inputs? am using SpamAssassin version 3.3.2
On Thu, Jul 18, 2013 at 4:03 PM
Hi thanks for the reply, these mails 1st come to an MX server and from
there to the spamasasin server.
On Thu, Jul 18, 2013 at 4:03 PM, Matus UHLAR - fantomas
wrote:
> On 18.07.13 16:01, Ryan Braganza wrote:
>
>> Why is T_DKIM_INVALID getting triggered for gmail ? I have seen this
On 18.07.13 16:01, Ryan Braganza wrote:
Why is T_DKIM_INVALID getting triggered for gmail ? I have seen this
happening many times with my servers, the dkim gets passed , then why does
this invalid rule hit? Any inputs? am using SpamAssassin version 3.3.2
are you getting those mails from gmail
Why is T_DKIM_INVALID getting triggered for gmail ? I have seen this
happening many times with my servers, the dkim gets passed , then why does
this invalid rule hit? Any inputs? am using SpamAssassin version 3.3.2
Hi
I get T_DKIM_INVALID and no SPF_PASS on one of my mailserver
see below the relevant headers from a=>b and b=>a
difference between both machines is the running FreeBSD version and the
perl version
perl is 5.8.9 and the other is 5.14.2
(the latter which gives DKIM_INVALID and no SP
30.11.2011 16:37, Mark Martinec kirjoitti:
>> I have set up DKIM on our corporate mail hosted by GMail. Google
>> assigned a TXT record and our DNS-provider set it.
>>
>> I send a mail from GMail from the Web UI and from my Thunderbird to
>> myself, and SA always triggers that rule.
>>
>> What does
> I have set up DKIM on our corporate mail hosted by GMail. Google
> assigned a TXT record and our DNS-provider set it.
>
> I send a mail from GMail from the Web UI and from my Thunderbird to
> myself, and SA always triggers that rule.
>
> What does it mean? Is not valid?
Whatever of mail reache
I have set up DKIM on our corporate mail hosted by GMail. Google
assigned a TXT record and our DNS-provider set it.
I send a mail from GMail from the Web UI and from my Thunderbird to
myself, and SA always triggers that rule.
What does it mean? Is not valid?
--
There are more things in heaven
be futile to proceed further, because seems that the
problem is because the mail server OS is too old, and having some
compatibility problems with new software.
--
View this message in context:
http://old.nabble.com/the-dkim-sigature-is-valid%2C-but-still-triggered-T_DKIM_INVALID-in-mail-server-tp28178215p28201004.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
leeyc0,
> > After some struggle and tracing every bit of code (including tracing
> > installing cpan packages!), apparently it is a bug in the latest
> > Net::DNS::Packet::Resolver::Base send_tcp function call...
>
> Yes, it is caused by a bug in Net::DNS::Resolver::Base (sorry, there was a
> typ
ttp://old.nabble.com/the-dkim-sigature-is-valid%2C-but-still-triggered-T_DKIM_INVALID-in-mail-server-tp28178215p28186929.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
--
View this message in context:
http://old.nabble.com/the-dkim-sigature-is-valid%2C-but-still-triggered-T_DKIM_INVALID-in-mail-server-tp28178215p28186774.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
re doesn't have any problem.
--
View this message in context:
http://old.nabble.com/the-dkim-sigature-is-valid%2C-but-still-triggered-T_DKIM_INVALID-in-mail-server-tp28178215p28186154.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
> I tried, but still have no clue, but discovered another horrible thing.
> I tried to send another email from gmail to iwtek.net, the DKIM signature
> validates at iwtek.net (see attachment). I am running mad now...
> http://old.nabble.com/file/p28178961/gmail.eml gmail.eml
One thing I noticed: t
se 1024 bit RSA key, and seems the email passed DKIM
validation. Seems that my perl installation at iwtek.net somehow cannot
validate 2048 bit RSA DKIM signatures. Does anyone have some clue?
--
View this message in context:
http://old.nabble.com/the-dkim-sigature-is-valid%2C-but-still-triggered
le.com/the-dkim-sigature-is-valid%2C-but-still-triggered-T_DKIM_INVALID-in-mail-server-tp28178215p28178961.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
oth @iwtek.net and @ieaa.org, as in
> the attachment (both mail servers are managed by me), but I got
> T_DKIM_INVALID in iwtek.net while I got DKIM_VALID,DKIM_VALID_AU in
> ieaa.org (it is the same email simultaneous sent to both email addresses).
> This is weird enough, but there is e
managed by me), but I got
T_DKIM_INVALID in iwtek.net while I got DKIM_VALID,DKIM_VALID_AU in ieaa.org
(it is the same email simultaneous sent to both email addresses). This is
weird enough, but there is even stranger thing. I tried to feed the supposed
failed email (exactly the one attached) to spamd in
56 matches
Mail list logo
