Re: [exim] DKIM in exim: Broken?

Top Page
This message is part of the following thread:
M--\the complete thread tree sorted by date
M..MPhillip Carroll at <-
M+\Patrick von der Hagen at ->
Delete this message
Reply to this message
Author: Jasen Betts
Date:  
To: exim-users
Subject: Re: [exim] DKIM in exim: Broken?
On 2014-11-08, Phillip Carroll <postmaster@???> wrote:

> [verification failed - body hash mismatch (body probably modified in
> transit)]
>
> The emails all use rsa-sha256 with c=relaxed/relaxed. The signed headers
> are:
> h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding
>
> All of these headers are straightforward, non-repeated, and easily found
> in the email. I am absolutely certain that none of these enumerated
> headers nor the body text have been altered en route.

In that case you can be fairly certain that either chase is signing them
incorrectly, or exim can't parse them correctly.

> is broken such that you can't use it to verify, for example, any
> signatures contained in postings to this mailing list, or any other
> mailing list".

? AFAIK it's working correctly. there's plenty of mail clients and
servers that sign messages in a way that makes the signature incompatible
with mailing lists of this type. because mailing lists often modify
the body of emails

> Basically, I am asking:
>
> (a) Is the exim dkim support simply broken in this regard?
> or
> (b) Is is it possible I have set up the configuration wrong? (emails
> that do not have extra headers all seem to verify ok)
> or
> (c) Or is the whole DKIM concept intrinsically broken?

What evedence do you have that Chase hasn't made the error?

--
umop apisdn


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] DKIM in exim: Broken?Re: [exim] DKIM in exim: Broken?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)