https://bugs.exim.org/show_bug.cgi?id=2278
Bug ID: 2278
Summary: Invalid outgoing DKIM header signature
Product: Exim
Version: 4.86
Hardware: x86-64
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: DKIM
Assignee: tom@???
Reporter: bugzilla.exim.simon@???
CC: exim-dev@???
If Exim is given a message with the following header, it fails to sign the
headers correctly (and SpamAssassin agrees).
Outgoing headers:
Subject: Re: xxxxx xxxxxxx
To: "xxxxx, xxx" <xxx.xxxxx@???>
Cc: "xxxxxx, xxx" <xxx.xxxxxx@???>
References: <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>
<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>
From: xxx xxxxxx <xx@???>
Message-ID: <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>
Date: Thu, 24 May 2018 17:19:53 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.8.0
MIME-Version: 1.0
In-Reply-To: <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>
Content-Type: multipart/alternative;
boundary="------------8DB30605A0D35CCA4247A948"
Content-Language: en-US
Outgoing debug:
PDKIM >> Hashed body data, canonicalized >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
PDKIM [arlott.org] Body bytes hashed: 0
PDKIM [arlott.org] bh computed:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
PDKIM >> Hashed header data, canonicalized, in sequence >>>>>>>>>>>>>>
content-type:multipart/alternative;{SP}boundary="------------8DB30605A0D35CCA4247A948"{CR}{LF}
in-reply-to:<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>{CR}{LF}
mime-version:1.0{CR}{LF}
date:Thu,{SP}24{SP}May{SP}2018{SP}17:19:53{SP}+0100{CR}{LF}
message-id:<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>{CR}{LF}
from:xxx{SP}xxxxxx{SP}<xx@???>{CR}{LF}
references:<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>{SP}<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>{CR}{LF}
cc:"xxxxxx,{SP}xxx"{SP}<xxx.xxxxxx@???>{CR}{LF}
to:"xxxxx,{SP}xxx"{SP}<xxx.xxxxx@???>{CR}{LF}
subject:Re:{SP}xxxxx{SP}xxxxxxx{CR}{LF}
PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
PDKIM >> Signed DKIM-Signature header, canonicalized >>>>>>>>>>>>>>>>>
dkim-signature:v=1;{SP}a=rsa-sha256;{SP}q=dns/txt;{SP}c=relaxed/relaxed;{SP}d=arlott.org;{SP}s=20180217;{SP}h=Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:{SP}References:Cc:To:Subject;{SP}bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;{SP}b={SP};
PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
PDKIM [arlott.org] hh computed:
2ef7f83ea7361a44c1386bb27ab88738497c5186a97bd37e4ed42fb0c0ed05ee
PDKIM [arlott.org] b computed:
a1d98575e1bb5527af3180e2008f8a377df927053ac0968a353076676a6919b357c5b4f4983faa0b996355cd1eab20577e762493a742a565a095104d1580cdfd174dd9e2eb0ba8ecdca54b26cb2f16e1f0044b40ad60455692dee5b0c32f943c49e88460fc934738917222d6303249119944ada50c34e147e50742204389cf0ebde45ef0ccdc25cf03c2a1816a8ce64c0402c42ea6a0067a1b41714afe469068bb9578f7fc75a784fc3b4011f190752027de31e328d31e22351fb669e99d98f39a0708c82e2c5b8659a65d724d7c095491829b7a19cc62ab3fb889b2f8bc94d8978cfd904b7fcb8169938a370646164ebe3a82e2d3c4fd904f02b9ce062c3328
Incoming debug:
PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
PDKIM [arlott.org] Body bytes hashed: 0
PDKIM [arlott.org] bh computed:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
PDKIM [arlott.org] Body hash verified OK
PDKIM >> Hashed header data, canonicalized, in sequence >>>>>>>>>>>>>>
content-type:multipart/alternative;{SP}boundary="------------8DB30605A0D35CCA4247A948"{CR}{LF}
in-reply-to:<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>{CR}{LF}
mime-version:1.0{CR}{LF}
date:Thu,{SP}24{SP}May{SP}2018{SP}17:19:53{SP}+0100{CR}{LF}
message-id:<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>{CR}{LF}
from:xxx{SP}xxxxxx{SP}<xx@???>{CR}{LF}
references:<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>{SP}<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>{CR}{LF}
cc:"xxxxxx,{SP}xxx"{SP}<xxx.xxxxxx@???>{CR}{LF}
to:"xxxxx,{SP}xxx"{SP}<xxx.xxxxx@???>{CR}{LF}
subject:Re:{SP}xxxxx{SP}xxxxxxx{CR}{LF}
PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
PDKIM >> Signed DKIM-Signature header, canonicalized >>>>>>>>>>>>>>>>>
dkim-signature:v=1;{SP}a=rsa-sha256;{SP}q=dns/txt;{SP}c=relaxed/relaxed;{SP}d=arlott.org;{SP}s=20180217;{SP}h=Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:{SP}References:Cc:To:Subject;{SP}bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;{SP}b=;
PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
PDKIM [arlott.org] hh computed:
746daafc75e21529a1d355324f7abad5fc452db64e7a76586df17dcae1dd2a11
18:07:37 3831 DNS lookup of 20180217._domainkey.arlott.org. (TXT) succeeded
PDKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Raw record:
v=DKIM1;{SP}h=sha256;{SP}t=s;{SP}p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttFLnO+LAZMtNtiEY2IeDql/2PbnHMADkamsoCchqOafUokYxBX7Mm/D4YarG14ACmxOk9WqqmZRYlOjxHtiq9hzgJJ82LQomRNHE88tirlA5zBMU39bYaQLKBgfLE4MA7zlpxi1rYRk8IsnNMpVpTN/mYj3Y0jQjS0Wrce4PRFqhTzE+fLcoyYXGs6ta3h+O7Jsv+FHtQIm8qLudVZg+BgVHGnwFHxPvxHuedY5nxvmqNLSmFtsgR2mOdP/pgxXeLpsVuDR6IqIWCqNDElXZ3c0LIl855DtjP2QUVARbIi9hMu5dfBHYpLoyUQwRnOPJs1nQfd7ztTVgaFcT0G+0QIDAQAB
v=DKIM1
h=sha256
t=s
p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttFLnO+LAZMtNtiEY2IeDql/2PbnHMADkamsoCchqOafUokYxBX7Mm/D4YarG14ACmxOk9WqqmZRYlOjxHtiq9hzgJJ82LQomRNHE88tirlA5zBMU39bYaQLKBgfLE4MA7zlpxi1rYRk8IsnNMpVpTN/mYj3Y0jQjS0Wrce4PRFqhTzE+fLcoyYXGs6ta3h+O7Jsv+FHtQIm8qLudVZg+BgVHGnwFHxPvxHuedY5nxvmqNLSmFtsgR2mOdP/pgxXeLpsVuDR6IqIWCqNDElXZ3c0LIl855DtjP2QUVARbIi9hMu5dfBHYpLoyUQwRnOPJs1nQfd7ztTVgaFcT0G+0QIDAQAB
PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
PDKIM [arlott.org] signature status: PDKIM_VERIFY_FAIL
(PDKIM_VERIFY_FAIL_MESSAGE)
Incoming headers:
Received: by * with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.86_2)
(envelope-from <*@*>)
id 1fLtiD-0000zn-RO
for postmaster@???; Thu, 24 May 2018 18:07:38 +0100
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=arlott.org;
s=20180217; h=Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:
References:Cc:To:Subject; bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;
b=
odmFdeG7VSevMYDiAI+KN335JwU6wJaKNTB2Z2ppGbNXxbT0mD+qC5ljVc0eqyBXfnYkk6dCpWWgl
RBNFYDN/RdN2eLrC6js3KVLJssvFuHwBEtArWBFVpLe5bDDL5Q8SeiEYPyTRziRciLWMDJJEZlEra
UMNOFH5QdCIEOJzw695F7wzNwlzwPCoYFqjOZMBALELqagBnobQXFK/kaQaLuVePf8daeE/DtAEfG
QdSAn3jHjKNMeIjUftmnpnZjzmgcIyC4sW4ZZpl1yTXwJVJGCm3oZzGKrP7iJsvi8lNiXjP2QS3/L
gWmTijcGRhZOvjqC4tPE/ZBPArnOBiwzKA==;
Received: by * with esmtp (Exim 4.86_2)
(envelope-from <*@*>)
id 1fLthE-0008DC-Sl
for postmaster@???; Thu, 24 May 2018 18:06:43 +0100
Subject: Re: xxxxx xxxxxxx
To: "xxxxx, xxx" <xxx.xxxxx@???>
Cc: "xxxxxx, xxx" <xxx.xxxxxx@???>
References: <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>
<xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>
From: xxx xxxxxx <xx@???>
Message-ID: <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>
Date: Thu, 24 May 2018 17:19:53 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.8.0
MIME-Version: 1.0
In-Reply-To: <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@???>
Content-Type: multipart/alternative;
boundary="------------8DB30605A0D35CCA4247A948"
Content-Language: en-US
DKIM DNS RR:
20180217._domainkey.arlott.org. 3600 IN TXT "v=DKIM1; h=sha256; t=s;
p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttFLnO+LAZMtNtiEY2IeDql/2PbnHMADkamsoCchqOafUokYxBX7Mm/D4YarG14ACmxOk9WqqmZRYlOjxHtiq9hzgJJ82LQomRNHE88tirlA5zBMU39bYaQLKBgfLE4MA7zlpxi1rYRk8IsnNMpVpTN/"
"mYj3Y0jQjS0Wrce4PRFqhTzE+fLcoyYXGs6ta3h+O7Jsv+FHtQIm8qLudVZg+BgVHGnwFHxPvxHuedY5nxvmqNLSmFtsgR2mOdP/pgxXeLpsVuDR6IqIWCqNDElXZ3c0LIl855DtjP2QUVARbIi9hMu5dfBHYpLoyUQwRnOPJs1nQfd7ztTVgaFcT0G+0QIDAQAB"
--
You are receiving this mail because:
You are on the CC list for the bug.