Szerző: exi.ml Dátum: Címzett: exim-users Tárgy: Re: [exim] Is that SPAM? Or am I compromised?
Thank you Slavko for your answer.
On 13/03/2023 10:28, Slavko via Exim-users wrote: > Dňa 12. 3. o 22:34 Yves via Exim-users napísal(a):
> […]
>> — There is a DKIM signature done by my own server (d=yalis.fr), which
>> includes the From header, and that header is @yalis.fr.
>
> Can be DKIM replay, it can be failed, only with purpose to fool users.
> You didn't provide DKIM verify result...
I did not know how to verify the signature… Looking at Archlinux
packages, I selected opendkim; it man page says that opendkim-testmsg
returns nothing if the input message is good. I ran:
which returned nothing, and $?==0. So the signature is valid!
> Anyway, your Message-ID is signed, if that message was initialed from
> your server, you must be able to find it in logs. And you can change
> DKIM key, to be sure...
I’m not sure of how to understand that :-/
All 3 lines seem to me to relate to receiving the message. I don’t see a
line that is about sending the message, or signing it.
Could it be that the message is signed when I receive it? Could it be
because I use LMTP for delivering, instead of local drop?
If that is the explanation, it seems a bit “stupid” of Exim to do so…