[exim-dev] [Bug 946] New: new DKIM code Signature Header blo…

Top Page
This message is part of the following thread:
M++\the complete thread tree sorted by date
MMMM 
Tom Kistner at ->
Delete this message
Reply to this message
Author: Wolfgang Breyha
Date:  
To: exim-dev
New-Topics: [exim-dev] [Bug 946] new DKIM code Signature Header blocked by CISCO PIX
Subject: [exim-dev] [Bug 946] New: new DKIM code Signature Header blocked by CISCO PIX
------- You are receiving this mail because: -------
You are on the CC list for the bug. 

http://bugs.exim.org/show_bug.cgi?id=946
           Summary: new DKIM code Signature Header blocked by CISCO PIX
           Product: Exim
           Version: 4.71
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Content Scanning
        AssignedTo: tom@???
        ReportedBy: wbreyha@???
                CC: exim-dev@???



Hi!

CISCO, PIX *grmpf*, again.

I was signing mails since 2008 with exim 4.69. We had some bad experience with
PIX in 2008, but it was very very silent for long time now.

Until I upgraded to exim 4.71 mid December 2009. Now we have the exactly same
issues again. Typical PIX behavior. Connection is dropped immediately after
receiving the DKIM-Signature Header. But the same host received mails coming
from exim 4.69. And they say they have not changed anything...as always;-) But
ok, I changed exim.

I ngrep'd the two sigs from 4.69 and 4.71 for the same mail...

4.71 sends:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=univie.ac.at;
s=rev1;\r\n\th=Content-Type:Subject:To:MIME-Version:From:Date:Message-ID;
bh=u4XY/OrgBMzej4EBnamZNSAumb8uPGQgOChjm0dcBv4=;\r\n\tb=AXVE+lbANZk2TQsZWeRzzSY31GkiiqOKNqfliixIjQN5ikIw93LRt7GjBlrGeSADLPoX3w3WJCK3r2FGnzXMCRsKBOVi1Y6mVajx1uqT3ZRW8mOT0B6wp0LV75u8Cw/i/NKCR9LGiUfcOkk0rL7WfOcnOTkNwoBq+ATmkkcO5BQ=;\r\n
....and triggers the drop.

4.69 sends:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\r\n\td=univie.ac.at;
s=rev1; h=Message-ID:Date:From:MIME-Version:To:\r\n\tSubject:Content-Type;
bh=u4XY/OrgBMzej4EBnamZNSAumb8uPGQgOChjm0d\r\n\tcBv4=;
b=VDktIffrw7ZkJWGcFH5Q+MEyjNVedr1QarkeMA7mFf3VFbqu5dOT0Sz\r\n\t0otwn1DZPQA6fvKvx1464yHBBNB17RmrjqlH1Jpm7xUmshtkRLYyvBkd8WrVl5Rv\r\n\tA+d1a6uCFa2FcLJ9zIzaxQengzocwg8sbg82iHkRRIgRue10frik=\r\n
... and gets through.

Currently I do not have any information why the PIX drops 4.71.

Any ideas? I only see the different line wrap, the "q=dns/txt" and the order of
h=. Do they match on "Content-Type:" and "Content-Type;" works?

Greetings, Wolfgang Breyha


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-[exim-dev] [Bug 929] acl_smtp_dkim not mentioned in ch40 "Access Control Lists"[exim-dev] RCPT TO verification->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)