Autor: Jeremy Harris Data: A: exim-users Assumpte: Re: [exim] DKIM signing with the i= (Identity) tag/header
On 22/11/16 15:45, Christian Balzer wrote: > On Tue, 22 Nov 2016 14:06:28 +0000 Jeremy Harris wrote:
>
>> On 21/11/16 08:44, Christian Balzer wrote:
>>> The problem was with the DNS TXT record after all, but so subtly that
>>> Exim itself didn't spot it and gave things clean bill of health when
>>> checking mails signed for that domain.
>>>
>>> To wit, the record had "v=DKIM1\\\; k=rsa\\\; ..." in it, instead of a
>>> single backslash.
>>
>> Just to doublecheck... the DNS should return a record with any
>> backslashes at all, and the need for one is in your path to
>> loading the record for publication (and someone used 3, resulting
>> in a record being presented to Google with 1)?
>
> Nope, the correct DNS TXT query should have ONE backslash in there.
If I read RFC 4871 correctly, not so. There is no mention of backslash
as part of the tag-spec separator in a tag-list, and the value for a v=
tag must be set to exactly "DKIM1" (without the quotes).
Where do you find the requirement for a backslash?
--
Cheers,
Jeremy