Re: [exim] skim with yahoo fails ...

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\MLena at <-
MMLena at ->
Delete this message
Reply to this message
Author: Karl-Heinz Wild
Date:  
To: exim-users
Subject: Re: [exim] skim with yahoo fails ...
Thank you for your time and the investigation.
There seems to be no solution on exim side.

I've whitelisted yahoo for the moment.

all the best.
Karl-Heinz

On 23.09.2014, at 14:22, Lena@??? wrote:

>> From: Karl-Heinz Wild
>
>> i've a problem with dkim and yahoo.
>>
>> the log shows me something, it seems very special
>> -----------------------------------------------------------------
>> 2014-09-23 12:00:06 1XWMtC-000Dzw-0C DKIM: d=yahoo.com s=s2048 c=relaxed/relaxed a=rsa-sha256 t=1411466404 [verification failed - signature did not verify (headers probably modified in transit)]
>> 2014-09-23 12:00:06 1XWMtC-000Dzw-0C DKIM: d=yahoo.com s=s1024 c=relaxed/relaxed a=rsa-sha256 t=1411466404 [verification succeeded]
>> 2014-09-23 12:00:06 1XWMtC-000Dzw-0C DKIM TEST: domain=yahoo.com possible_signer=yahoo.com status=fail reason=signature_incorrect
>> -----------------------------------------------------------------
>>
>> as you can see there are two lines. one succeeded and the first fails.
>> the difference seems to be the s=1024 vs s=2048.
>
> I just sent a few test messages via yahooMail ( @ yahoo.com ).
> Messages sent from a MUA (Opera Mail, like Thunderbird) in Eastern Europe
> via SMTP through smtp.mail.yahoo.com (with authentication)
> came from yahoo's datacenter in Ireland (nm14-vm7.bullet.mail.ir2.yahoo.com),
> each message has two DKIM-signatures: top one s=s2048 verification failed
> and bottom one s=s1024 verification succeeded.
> Messages sent from yahooMail's web-interfaces (Basic and FullyFeatured)
> came from yahoo's datacenter in Buffalo,NY (nm5-vm0.bullet.mail.bf1.yahoo.com),
> have only one DKIM-signature with s=s1024.
> Verification done by my Exim 4.83.
>
> I found an older message (05 Jul 2014) submitted from Thunderbird in Argentina
> via SMTP through smtp.mail.yahoo.com, it has two DKIM-signatures and came from
> yahoo's datacenter in Nebraska (nm10-vm4.bullet.mail.ne1.yahoo.com),
> so perhaps submitter's geolocation is irrelevant.
>
> I suspect that yahoos broke something when they did another stupid thing:
> mow messages submitted via SMTP don't show submitter's IP-address anywhere
> in the header (though messages submitted via web-interfaces do show
> submitter's IP-address in the bottom Received).
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Urgent problem with exim, php and apache ("unable toset gid/uid" error)Re: [exim] Spool format error->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)