Re: [exim] "closed connection in response to sending data bl…

Góra strony
Delete this message
Reply to this message
Autor: W B Hacker
Data:  
Dla: exim users
Temat: Re: [exim] "closed connection in response to sending data block" issuewith 4.71 DKIM signing
Tony Meyer wrote:
> Hi,
>
> When I try to use the 4.71 dkim-signing functionality to sign
> messages, the connection is lost when Exim sends the data to the
> remote host. I've tried sending to gmail (debug output below) and
> also to a server of my own that is definitely not doing any DKIM
> checking. The DKIM DNS entry isn't setup for this domain, but IIUC
> that shouldn't be necessary for the signing process, only the
> validation process.
>
> Can anyone shed any light on what I'm doing wrong?
>
> Thanks,
> Tony


Just a guess - but the presence of a DKIM signature 'most probably' triggers any
DKIM-verification-capable receiving host to *attempt* such a verification.

Which will of course fail until you set up your DKIM info in the DNS...

'I could be wrong...' etc..

Feel free to send a direct test message to my address. It 'notices' DKIM, but
not in the conventional manner.

Bill




>
> Transport configuration (the domain, selector and private key are
> actually MySQL lookups, but those work correctly):
>
> remote_smtp:
> debug_print = "T: remote_smtp for $local_part@$domain"
> driver = smtp
> dkim_domain = spamexperts.com
> dkim_selector = testing
> dkim_private_key = XXXXXXXX
> dkim_strict = true
>
> Debug output (with the certificate and lookups hidden a bit):
>
> 24282 delivering 1NIV7o-0006JM-8J to ASPMX2.GOOGLEMAIL.com
> [209.85.135.27] (tony@???)
> 24282 set_process_info: 24282 delivering 1NIV7o-0006JM-8J to
> ASPMX2.GOOGLEMAIL.com [209.85.135.27] (tony@???)
> 24280 set_process_info: 24280 delivering 1NIV7o-0006JM-8J: waiting for
> a remote delivery subprocess to finish
> 24280 selecting on subprocess pipes
> 24282 Connecting to ASPMX2.GOOGLEMAIL.com [209.85.135.27]:25 ... connected
> 24282 waiting for data on socket
> 24282 read response data: size=42
> 24282   SMTP<< 220 mx.google.com ESMTP w5si749815mue.22
> 24282 209.85.135.27 in hosts_avoid_esmtp? no (option unset)
> 24282   SMTP>> EHLO server1.devtrunk.simplyspamfree.com
> 24282 waiting for data on socket
> 24282 read response data: size=126
> 24282   SMTP<< 250-mx.google.com at your service, [188.40.178.34]
> 24282          250-SIZE 35651584
> 24282          250-8BITMIME
> 24282          250-ENHANCEDSTATUSCODES
> 24282          250 PIPELINING
> 24282 209.85.135.27 in hosts_require_tls? no (option unset)
> 24282 209.85.135.27 in hosts_avoid_pipelining? no (option unset)
> 24282 using PIPELINING
> 24282 209.85.135.27 in hosts_require_auth? no (option unset)
> 24282   SMTP>> MAIL FROM:<tony@???> SIZE=1833
> 24282   SMTP>> RCPT TO:<tony@???>
> 24282   SMTP>> DATA
> 24282 waiting for data on socket
> 24282 read response data: size=31
> 24282   SMTP<< 250 2.1.0 OK w5si749815mue.22
> 24282 waiting for data on socket
> 24282 read response data: size=63
> 24282   SMTP<< 250 2.1.5 OK w5si749815mue.22
> 24282   SMTP<< 354  Go ahead w5si749815mue.22
> 24282   SMTP>> writing message and terminating "."
> 24282 writing data block fd=7 size=813 timeout=300
> 24282 search_open: mysql "NULL"
> 24282 search_find: file="NULL"
> 24282   key="SELECT dkim_selector XXX" partial=-1 affix=NULL starflags=0
> 24282 LRU list:
> 24282 internal_search_find: file="NULL"
> 24282   type=mysql key="SELECT dkim_selector XXX"
> 24282 database lookup required for SELECT dkim_selector XXX
> 24282 MySQL query: SELECT dkim_selector XXX
> 24282 MYSQL new connection: host=localhost port=0 socket=NULL
> database=mx user=exim
> 24282 lookup yielded: testing
> 24282 search_open: mysql "NULL"
> 24282   cached open
> 24282 search_find: file="NULL"
> 24282   key="SELECT certificate XXX" partial=-1 affix=NULL starflags=0
> 24282 LRU list:
> 24282 internal_search_find: file="NULL"
> 24282   type=mysql key="SELECT certificate XXX"
> 24282 database lookup required for SELECT certificate XXX
> 24282 MySQL query: SELECT certificate XXX
> 24282 MYSQL using cached connection for localhost/mx/exim
> 24282 lookup yielded: -----BEGIN CERTIFICATE-----XXX=-----END CERTIFICATE-----
> 24282
> PDKIM >> Hashed body data, canonicalized >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Ths{SP}is{SP}atest.{CR}{LF}PDKIM
> <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> PDKIM [spamexperts.com] Body bytes hashed: 15
> PDKIM [spamexperts.com] bh  computed:
> 26054105837d58c20fa7cf59c6d54d281113407ea09f82baad61d6520a46387f
> PDKIM >> Hashed header data, canonicalized, in sequence >>>>>>>>>>>>>>
> message-id:<E1NIV7o-0006JM-8J@???>{CR}{LF}
> from:tony@???{CR}{LF}
> subject:test{CR}{LF}
> PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> PDKIM >> Signed DKIM-Signature header, canonicalized >>>>>>>>>>>>>>>>>
> dkim-signature:v=1;{SP}a=rsa-sha256;{SP}q=dns/txt;{SP}c=relaxed/relaxed;{SP}d=spamexperts.com;{SP}s=testing;{SP}h=Message-ID:From:Subject;{SP}bh=JgVBBYN9WMIPp89ZxtVNKBETQH6gn4K6rWHWUgpGOH8=;{SP}b=;
> PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> PDKIM [spamexperts.com] hh computed:
> acd4376f8bf24154fda23fd565e5d56772c5f2a941f987ba8ee6b1c9554cd42f
> 24282 ok=0 send_quit=0 send_rset=1 continue_more=0 yield=1 first_address is NULL
> 24282 LOG: MAIN
> 24282   Remote host ASPMX2.GOOGLEMAIL.com [209.85.135.27] closed
> connection in response to sending data block
> 24282 set_process_info: 24282 delivering 1NIV7o-0006JM-8J: just tried
> ASPMX2.GOOGLEMAIL.com [209.85.135.27] for tony@???: result
> DEFER

>
> mainlog output for remote server (mine, not gmail's, obviously):
>
> 2009-12-09 23:44:51 SMTP connection from
> server1.devtrunk.simplyspamfree.com [188.40.178.34] lost while reading
> message data (header)
>
> mainlog output for sending server when not in debug mode:
>
> 2009-12-09 23:58:31 1NIVUH-0006TH-Tb Remote host
> fallbackmx.spamexperts.com [78.46.212.49] closed connection in
> response to sending data block
>
> Exim version:
>
> Exim version 4.71 #1 built 09-Dec-2009 07:44:54
> Copyright (c) University of Cambridge, 1995 - 2007
> Berkeley DB: Berkeley DB 4.6.21: (September 27, 2007)
> Support for: crypteq iconv() Expand_dlfunc OpenSSL Content_Scanning
> DKIM Experimental_SPF Experimental_SRS
> Lookups: lsearch wildlsearch nwildlsearch iplsearch dbm dbmnz dnsdb mysql
> Authenticators: cram_md5 plaintext
> Routers: accept dnslookup ipliteral manualroute queryprogram redirect
> Transports: appendfile/maildir autoreply pipe smtp
> Fixed never_users: 0
> Size of off_t: 8
> OpenSSL compile-time version: OpenSSL 0.9.8g 19 Oct 2007
> OpenSSL runtime version: OpenSSL 0.9.8g 19 Oct 2007
>