Re: [exim] Gmail frequent DKIM failures

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Ivo Truxa
Date:  
À: exim-users
Sujet: Re: [exim] Gmail frequent DKIM failures
I tracked down the problem to the use of CHUNKING by Gmail. (See details at https://tools.ietf.org/html/rfc1830 "SMTP Service Extensions for Transmission of Large and Binary MIME Messages"). The command BDAT gets injecting into the canonalized body string in the middle of the data stream (approx. each 63kB), breaking so the body hash, of course.

The BDAT commands get really only injected into the canonalized string, NOT into the message output self. That's also why it is impossible to debug or detect it offline, using the saved messages. The saved messages always match the signature, and the email is intact, too. You can only see it live during the transmission in daemon mode, assuming you turn debugging on.

If interested, I posted more details to https://bugs.exim.org/show_bug.cgi?id=2016

Greetings,
Ivo Truxa