[exim-dev] [Bug 963] New: DKIM failes verifying rsa-sha1/sim…

Top Page
Delete this message
Reply to this message
Author: Wolfgang Breyha
Date:  
To: exim-dev
New-Topics: [exim-dev] [Bug 963] DKIM failes verifying rsa-sha1/simple body with only newlines, [exim-dev] [Bug 963] DKIM failes verifying rsa-sha1/simple body with only newlines, [exim-dev] [Bug 963] DKIM failes verifying rsa-sha1/simple body with only newlines, [exim-dev] [Bug 963] DKIM failes verifying rsa-sha1/simple body with only newlines, [exim-dev] [Bug 963] DKIM failes verifying rsa-sha1/simple body with only newlines, [exim-dev] [Bug 963] DKIM failes verifying rsa-sha1/simple body with only newlines, [exim-dev] [Bug 963] DKIM failes verifying rsa-sha1/simple body with only newlines, [exim-dev] [Bug 963] DKIM failes verifying rsa-sha1/simple body with only newlines
Subject: [exim-dev] [Bug 963] New: DKIM failes verifying rsa-sha1/simple body with only newlines
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=963
           Summary: DKIM failes verifying rsa-sha1/simple body with only
                    newlines
           Product: Exim
           Version: 4.71
          Platform: x86
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Content Scanning
        AssignedTo: tom@???
        ReportedBy: wbreyha@???
                CC: exim-dev@???



Hi!
A friend sent me a testmail signed with his qmail *sigh*. Signature looks like:
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=xxxxx.net; h=message-id
        :date:from:mime-version:to:subject:content-type
        :content-transfer-encoding; s=default; bh=uoq1oCgLlTqpdDX/iUbLy7
        J1Wic=; b=ImZU6gr6YyO/wtwjrhJcW2FHABeQ6V51C9GbjYqAB1QBGmnj6U27ya
        ZLyvKrKmwYti+/YGkHqHrmAUglMMalu6EAef4f6BK6KE+CU/t1iDFhwUdqAL+ziz


Message Body contains only newlines:
# hexdump -C dkimmail.eml
00000b50  6c 69 64 0d 0a 20 2a 20  2d 30 2e 31 20 44 4b 49  |lid.. * -0.1 DKI|
00000b60  4d 5f 56 41 4c 49 44 20  4d 65 73 73 61 67 65 20  |M_VALID Message |
00000b70  68 61 73 20 61 74 20 6c  65 61 73 74 20 6f 6e 65  |has at least one|
00000b80  20 76 61 6c 69 64 20 44  4b 49 4d 20 6f 72 20 44  | valid DKIM or D|
00000b90  4b 20 73 69 67 6e 61 74  75 72 65 0d 0a 20 2a 20  |K signature.. * |
00000ba0  20 30 2e 30 20 54 56 44  5f 53 50 41 43 45 5f 52  | 0.0 TVD_SPACE_R|
00000bb0  41 54 49 4f 20 54 56 44  5f 53 50 41 43 45 5f 52  |ATIO TVD_SPACE_R|
00000bc0  41 54 49 4f 0d 0a 0d 0a  0d 0a 0d 0a              |ATIO........|
00000bcc


As you can see in the last part of the header ....
* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
... SpamAssassin 3.3.0/Mail::DKIM 0.37 verified the mail successfully.

It looks like a body containing only newlines using rsa-sha1/simple failes to
verify in exim.

Regards, Wolfgang


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email