Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Weird DKIM issue [SOLVED]
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
hanj
Veteran
Veteran


Joined: 19 Aug 2003
Posts: 1490
PostPosted: Sat Dec 09, 2023 4:38 pm    Post subject: Weird DKIM issue [SOLVED] Reply with quote
When I send mails from apache, DKIM Authentication is happy, but if I send mail via cron/PHP CLI on the same server, DKIM fails with:

Code:
Authentication-Results: removed.com;
 dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=remove.com header.i=@remove.com header.a=rsa-sha256 header.s=web header.b=RnSgVFQ+;
 dkim-atps=neutral


The mail content is the same in both cases. Source IP is correct,

When sending from the webserver:

Code:
Authentication-Results: removed.com;
 dkim=pass (2048-bit key; unprotected) header.d=removed.com header.i=@removed.com header.a=rsa-sha256 header.s=web header.b=cJtdBStR;
 dkim-atps=neutral


DKIM headers are added in both cases. I know it's something simple but I'm going around in circles.
_________________
Server Admin Blog - Uno-Code.com

Last edited by hanj on Tue Dec 12, 2023 10:48 pm; edited 1 time in total
Back to top
View user's profile Send private message
szatox
Advocate
Advocate


Joined: 27 Aug 2013
Posts: 3137
PostPosted: Sun Dec 10, 2023 1:50 am    Post subject: Reply with quote
A shot in the dark: which server does the verification? Inspect and compare all headers, not only dkim one. Did both messages go though the same route?
BTW, SMTP headers are best read bottom-up.

Maybe you sent one mail via mail submission port and the other via smtp? SMTP may or may not allow mail submission, and when it doesn't, it might fail in various ways.
Back to top
View user's profile Send private message
hanj
Veteran
Veteran


Joined: 19 Aug 2003
Posts: 1490
PostPosted: Tue Dec 12, 2023 10:47 pm    Post subject: Reply with quote
szatox wrote:
A shot in the dark: which server does the verification? Inspect and compare all headers, not only dkim one. Did both messages go though the same route?
BTW, SMTP headers are best read bottom-up.

Maybe you sent one mail via mail submission port and the other via smtp? SMTP may or may not allow mail submission, and when it doesn't, it might fail in various ways.


Thanks for the reply. I actually figured it out. It was the content between two instances. I stated they were the same, but looking at the source code, one email had minified CSS, while the other did not. The minified version (I'm guessing) was chunking the email, where the non-minified did not. Once I broke up the minified version, it passed.

hanji
_________________
Server Admin Blog - Uno-Code.com
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy