Re: [exim] Gmail frequent DKIM failures

Pàgina inicial
Delete this message
Reply to this message
Autor: Ivo Truxa
Data:  
A: exim-users
Assumpte: Re: [exim] Gmail frequent DKIM failures
I tracked down the problem to the use of CHUNKING by Gmail. (See details at https://tools.ietf.org/html/rfc1830 "SMTP Service Extensions for Transmission of Large and Binary MIME Messages"). The command BDAT gets injecting into the canonalized body string in the middle of the data stream (approx. each 63kB), breaking so the body hash, of course.

The BDAT commands get really only injected into the canonalized string, NOT into the message output self. That's also why it is impossible to debug or detect it offline, using the saved messages. The saved messages always match the signature, and the email is intact, too. You can only see it live during the transmission in daemon mode, assuming you turn debugging on.

If interested, I posted more details to https://bugs.exim.org/show_bug.cgi?id=2016

Greetings,
Ivo Truxa