Jeremy Harris via Exim-users wrote:
> On 02/12/2022 16:54, Victor Sudakov via Exim-users wrote:
> > I have an exim 4.95 installation sending DKIM-signed mails to two
> > other exim servers. On one of the receiving servers (FreeBSD,exim-4.95_5),
> > I see that the DKIM check is successful:
> >
> > Authentication-Results: XXXXXX;
> > iprev=pass (www.library.tomsk.ru) smtp.remote-ip=95.170.141.50;
> > spf=pass smtp.mailfrom=library.tomsk.ru;
> > dkim=pass header.d=library.tomsk.ru header.s=20221203 header.a=rsa-sha256
> >
> > On the other receiving server (Debian, exim4 4.94.2-7), the very same
> > mail (sent simultaneously to two recipients on XXXXXX and YYYYYY) is
> > reported as having an unsuccessful DKIM check:
> >
> > Authentication-Results: YYYYYY;
> > iprev=pass (www.library.tomsk.ru) smtp.remote-ip=95.170.141.50;
> > dkim=fail (body hash mismatch; body probably modified in transit)
> > header.d=library.tomsk.ru header.s=20221203 header.a=rsa-sha256
>
> Is this consistent for all messages sent to the pair of hosts?
> Or only occasional?
I have sent 10 short messages from the library.tomsk.ru host:
echo "test test" | mail -s "test test" vas@XXXXXX vas@YYYYYY
and its 10 times dkim=pass on FreeBSD and 10 times dkim=fail on Debian
so I guess it's consistent.
However, I've noticed that when I send a larger mail, like
uuencode /usr/bin/vi vi | mail -s "test test" vas@XXXXXX vas@YYYYYY
then 10 of the 10 mails on Debian have dkim=pass. So the message size
or encoding is envolved somehow? What gives?
>
> What libraries do 'exim -d -bV' report for each host?
FreeBSD sender:
Compiler: CLang [10.0.1 (git@???:llvm/llvm-project.git llvmorg-10.0.1-0-gef32c611aa2)]
Probably Berkeley DB version 1.8x (native mode)
Library version: OpenSSL: Compile: OpenSSL 1.1.1l-freebsd 24 Aug 2021
Runtime: OpenSSL 1.1.1l-freebsd 24 Aug 2021
: built on: reproducible build, date unspecified
Library version: IDN: Compile: 1.35
Runtime: 1.35
Library version: spf2: Compile: 1.2.10
Runtime: 1.2.10
Library version: Cyrus SASL: Compile: 2.1.28
Runtime: 2.1.28 [Cyrus SASL]
Library version: PCRE: Compile: 8.45
Runtime: 8.45 2021-06-15
FreeBSD receiver:
Compiler: CLang [10.0.1 (git@???:llvm/llvm-project.git llvmorg-10.0.1-0-gef32c611aa2)]
Probably Berkeley DB version 1.8x (native mode)
Library version: OpenSSL: Compile: OpenSSL 1.1.1l-freebsd 24 Aug 2021
Runtime: OpenSSL 1.1.1l-freebsd 24 Aug 2021
: built on: reproducible build, date unspecified
Library version: IDN: Compile: 1.35
Runtime: 1.38
Library version: spf2: Compile: 1.2.10
Runtime: 1.2.11
Library version: Cyrus SASL: Compile: 2.1.28
Runtime: 2.1.28 [Cyrus SASL]
Library version: PCRE: Compile: 8.45
Runtime: 8.45 2021-06-15
Debian receiver YYYYYY:
Compiler: GCC [10.2.1 20210110]
Library version: Glibc: Compile: 2.31
Runtime: 2.31
Library version: BDB: Compile: Berkeley DB 5.3.28: (September 9, 2013)
Runtime: Berkeley DB 5.3.28: (September 9, 2013)
Library version: GnuTLS: Compile: 3.7.1
Runtime: 3.7.1
Library version: IDN2: Compile: 2.3.0
Runtime: 2.3.0
Library version: Stringprep: Compile: 1.33
Runtime: 1.33
Library version: Cyrus SASL: Compile: 2.1.27
Runtime: 2.1.27 [Cyrus SASL]
Library version: PCRE: Compile: 8.39
Runtime: 8.39 2016-06-14
Library version: MySQL: Compile: 100510 10.5.10 [mariadb-10.5]
Runtime: 100515 10.5.15
Library version: SQLite: Compile: 3.34.1
Runtime: 3.34.1
--
Victor Sudakov VAS4-RIPE
http://vas.tomsk.ru/
2:5005/49@fidonet
