[exim] Spurious DKIM failures

Author: Evgeniy Berdnikov
Date:  
To: exim-users
Subject: [exim] Spurious DKIM failures
Hello.

I have an informational message for developers. In some rare cases Exim
considers a correct DKIM signature invalid. My estimate of the fault rate
is less than 1 event per 10,000 incoming mails.

In my environment it can be traced by headers, because each incoming
mail passes the chain

(1) Exim MTA -> (2) Amavis -> (3) Exim MTA,

where the receiving relay (1) and the anti-spam filter (2) save the result of
DKIM verification in headers. On failure, the headers look like:

Authentication-Results: passat.rdtex.ru (amavisd-new);
        dkim=pass (1024-bit key) header.d=netology.ru header.b=OXxIl1Hh;
        dkim=pass (1024-bit key) header.d=mta.mindbox.ru header.b=I5B1tR/y
Received: from passat.rdtex.ru ([127.0.0.1])
        by localhost (passat.rdtex.ru [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id UjeSDm4hSaiL for <xxxxxxx.xxxxxxx@???>;
        Mon,  5 Jul 2021 19:06:34 +0300 (MSK)
X-Authentication-Results: passat.rdtex.ru Exim-4.94.2;
        iprev=pass (mta.mindbox.ru) smtp.remote-ip=185.99.9.135;
        dkim=fail (body hash mismatch; body probably modified in transit)
                 header.d=netology.ru header.s=mindbox header.a=rsa-sha256;
        dkim=fail (body hash mismatch; body probably modified in transit)
                 header.d=mta.mindbox.ru header.s=mindbox header.a=rsa-sha256
X-Greylist: from auto-whitelisted by SQLgrey-1.8.0
Received-SPF: pass client-ip=185.99.9.135; envelope-from=bounce.b46b070004000000607c60a5@???; helo=mta.mindbox.ru
Received: from mta.mindbox.ru ([185.99.9.135]:29146)
        by passat.rdtex.ru with esmtps (TLS1.2:ECDHE_X25519__RSA_SHA256__AES_256_GCM:256)
        (Exim 4.94.2)
        (envelope-from <bounce.b46b070004000000607c60a5@???>)
        id 1m0R7C-00HEVp-GA size 24034 maxlen 175
...


Mainlog for frontend Exim (1) contains:

2021-07-05 19:06:34.545 [4107365] 1m0R7C-00HEVp-GA DKIM: d=netology.ru s=mindbox c=relaxed/relaxed a=rsa-sha256 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]
2021-07-05 19:06:34.545 [4107365] 1m0R7C-00HEVp-GA DKIM: d=mta.mindbox.ru s=mindbox c=relaxed/relaxed a=rsa-sha256 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]

A manual test of the received mail with the Perl module Mail::DKIM::Verifier
gives a "pass" result for both signatures. If the sample mail is re-injected
by SMTP from another host, it passes verification on the frontend Exim.

I have 4 frontend relays with almost identical configuration; failures
happen on each of them, randomly. There is no evidence of hardware
problems (segfaults, etc.). No evidence of "inherited" memory corruption:
after a failure of DKIM verification, subsequent mails are verified correctly.
So it seems to be a rarely manifested bug.

I have no idea how such a bug can be located. However, I can share this
sample mail with developers (in private).
--
Eugene Berdnikov
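As an added illustration (not the author's code, nor Exim's or Mail::DKIM's), the following Python reproduces the body-hash part of the manual check described above: relaxed body canonicalization per RFC 6376 section 3.4.4, as used by the c=relaxed/relaxed signatures in the log, compared against the bh= tag of a DKIM-Signature header. The domain, selector and message body are constructed samples; it lets a stored copy of a failing message be checked independently of the MTA.

```python
import base64
import hashlib
import re


def relaxed_body_canon(body: bytes) -> bytes:
    """'relaxed' body canonicalization (RFC 6376 section 3.4.4).

    Line endings are normalised to CRLF first: a message stored on disk
    after delivery often has bare LF, and hashing those bytes directly
    yields a spurious "body hash mismatch".
    """
    lines = body.replace(b"\r\n", b"\n").split(b"\n")
    # Collapse runs of SP/HTAB inside a line to one SP, drop trailing WSP.
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" \t") for ln in lines]
    # Ignore all empty lines at the end of the body.
    while lines and lines[-1] == b"":
        lines.pop()
    if not lines:
        return b""  # a body of only CRLFs canonicalizes to the empty string
    return b"\r\n".join(lines) + b"\r\n"


def body_hash(body: bytes) -> str:
    """bh= value for a=rsa-sha256 with relaxed body canonicalization."""
    digest = hashlib.sha256(relaxed_body_canon(body)).digest()
    return base64.b64encode(digest).decode("ascii")


def bh_from_signature(dkim_signature: str) -> str:
    """Extract the bh= tag; folding whitespace inside the value is removed."""
    match = re.search(r"(?:^|;)\s*bh=([^;]*)", dkim_signature)
    if not match:
        raise ValueError("DKIM-Signature has no bh= tag")
    return re.sub(r"\s+", "", match.group(1))


def body_hash_matches(body: bytes, dkim_signature: str) -> bool:
    """True if the stored body still hashes to the bh= the signer computed."""
    return body_hash(body) == bh_from_signature(dkim_signature)


if __name__ == "__main__":
    # Constructed sample: a signer-side body and the bh= it would have emitted.
    signed_body = b"Hello  world \t\r\n\r\n"
    sig = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.net; s=sel;\r\n\tbh="
           + body_hash(signed_body) + ";\r\n\th=from:to:subject; b=...")
    # Whitespace-only differences survive relaxed canonicalization...
    print(body_hash_matches(b"Hello world\n", sig))             # True
    # ...but an appended footer line is a genuine body modification.
    print(body_hash_matches(b"Hello world\n-- footer\n", sig))  # False
```

If this check passes on the stored message while the MTA logged a mismatch, the body was not altered in transit and the fault lies in the verifier or in what it was fed, which is the situation the post describes.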