From 305f8921e34dfbb2fd162efa1fa3e5156e290321 Mon Sep 17 00:00:00 2001 From: "Heiko Schlittermann (HS12-RIPE)" Date: Sun, 15 Sep 2019 21:43:06 +0200 Subject: [PATCH 1/1] Consistent logging, always use DKIM instead of mixed DKIM/PDKIM --- src/src/pdkim/pdkim.c | 88 +++++++++++++++++++++---------------------- test/log/4502 | 2 +- test/log/4520 | 2 +- test/runtest | 6 +-- test/stderr/4520 | 22 +++++------ 5 files changed, 60 insertions(+), 60 deletions(-) diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c index 79e7c633d..9fa38b3e7 100644 --- a/src/src/pdkim/pdkim.c +++ b/src/src/pdkim/pdkim.c @@ -638,12 +638,12 @@ while (--q > sig->rawsig_no_b_val && (*q == '\r' || *q == '\n')) DEBUG(D_acl) { debug_printf( - "PDKIM >> Raw signature w/o b= tag value >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); + "DKIM >> Raw signature w/o b= tag value >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); pdkim_quoteprint(US sig->rawsig_no_b_val, Ustrlen(sig->rawsig_no_b_val)); debug_printf( - "PDKIM >> Sig size: %4u bits\n", (unsigned) sig->sighash.len*8); + "DKIM >> Sig size: %4u bits\n", (unsigned) sig->sighash.len*8); debug_printf( - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + "DKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); } if (!pdkim_set_sig_bodyhash(ctx, sig)) @@ -789,7 +789,7 @@ pdkim_finish_bodyhash(pdkim_ctx * ctx) { for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next) /* Finish hashes */ { - DEBUG(D_acl) debug_printf("PDKIM: finish bodyhash %d/%d/%ld len %ld\n", + DEBUG(D_acl) debug_printf("DKIM: finish bodyhash %d/%d/%ld len %ld\n", b->hashtype, b->canon_method, b->bodylength, b->signed_body_bytes); exim_sha_finish(&b->body_hash_ctx, &b->bh); } @@ -801,8 +801,8 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) DEBUG(D_acl) { - debug_printf("PDKIM [%s] Body bytes (%s) hashed: %lu\n" - "PDKIM [%s] Body %s computed: ", + debug_printf("DKIM [%s] Body bytes (%s) hashed: %lu\n" + "DKIM [%s] Body %s computed: ", sig->domain, pdkim_canons[b->canon_method], b->signed_body_bytes, sig->domain, pdkim_hashes[b->hashtype].dkim_hashname); pdkim_hexprint(CUS b->bh.data, b->bh.len); @@ -824,15 +824,15 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) if ( sig->bodyhash.data && memcmp(b->bh.data, sig->bodyhash.data, b->bh.len) == 0) { - DEBUG(D_acl) debug_printf("PDKIM [%s] Body hash compared OK\n", sig->domain); + DEBUG(D_acl) debug_printf("DKIM [%s] Body hash compared OK\n", sig->domain); } else { DEBUG(D_acl) { - debug_printf("PDKIM [%s] Body hash signature from headers: ", sig->domain); + debug_printf("DKIM [%s] Body hash signature from headers: ", sig->domain); pdkim_hexprint(sig->bodyhash.data, sig->bodyhash.len); - debug_printf("PDKIM [%s] Body hash did NOT verify\n", sig->domain); + debug_printf("DKIM [%s] Body hash did NOT verify\n", sig->domain); } sig->verify_status = PDKIM_VERIFY_FAIL; sig->verify_ext_status = PDKIM_VERIFY_FAIL_BODY; @@ -976,7 +976,7 @@ else #ifdef notdef DEBUG(D_acl) { - debug_printf("PDKIM >> raw hdr: "); + debug_printf("DKIM >> raw hdr: "); pdkim_quoteprint(CUS ctx->cur_header->s, ctx->cur_header->ptr); } #endif @@ -990,7 +990,7 @@ else fail verification of it later. */ DEBUG(D_acl) debug_printf( - "PDKIM >> Found sig, trying to parse >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); + "DKIM >> Found sig, trying to parse >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); sig = pdkim_parse_sig_header(ctx, ctx->cur_header->s); @@ -1075,7 +1075,7 @@ else for (int p = 0; p < len; p++) ctx->flags = (ctx->flags & ~(PDKIM_SEEN_LF|PDKIM_SEEN_CR)) | PDKIM_PAST_HDRS; DEBUG(D_acl) debug_printf( - "PDKIM >> Body data for hash, canonicalized >>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); + "DKIM >> Body data for hash, canonicalized >>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); continue; } else @@ -1351,7 +1351,7 @@ check_bare_ed25519_pubkey(pdkim_pubkey * p) int excess = p->key.len - 32; if (excess > 0) { - DEBUG(D_acl) debug_printf("PDKIM: unexpected pubkey len %lu\n", p->key.len); + DEBUG(D_acl) debug_printf("DKIM: unexpected pubkey len %lu\n", p->key.len); p->key.data += excess; p->key.len = 32; } } @@ -1380,7 +1380,7 @@ if ( !(dns_txt_reply = ctx->dns_txt_callback(dns_txt_name)) DEBUG(D_acl) { debug_printf( - "PDKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n" + "DKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n" " %s\n" " Raw record: ", dns_txt_name); @@ -1401,13 +1401,13 @@ if ( !(p = pdkim_parse_pubkey_record(CUS dns_txt_reply)) else debug_printf(" Error while parsing public key record\n"); debug_printf( - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + "DKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); } return NULL; } DEBUG(D_acl) debug_printf( - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + "DKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); /* Import public key */ @@ -1457,7 +1457,7 @@ int sep; if (!siglist) return NULL; /* first select in order of hashtypes */ -DEBUG(D_acl) debug_printf("PDKIM: dkim_verify_hashes '%s'\n", dkim_verify_hashes); +DEBUG(D_acl) debug_printf("DKIM: dkim_verify_hashes '%s'\n", dkim_verify_hashes); for (prefs = dkim_verify_hashes, sep = 0, yield = NULL, ss = &yield; ele = string_nextinlist(&prefs, &sep, NULL, 0); ) { @@ -1475,7 +1475,7 @@ for (prefs = dkim_verify_hashes, sep = 0, yield = NULL, ss = &yield; /* then in order of keytypes */ siglist = yield; -DEBUG(D_acl) debug_printf("PDKIM: dkim_verify_keytypes '%s'\n", dkim_verify_keytypes); +DEBUG(D_acl) debug_printf("DKIM: dkim_verify_keytypes '%s'\n", dkim_verify_keytypes); for (prefs = dkim_verify_keytypes, sep = 0, yield = NULL, ss = &yield; ele = string_nextinlist(&prefs, &sep, NULL, 0); ) { @@ -1523,7 +1523,7 @@ if (ctx->cur_header && ctx->cur_header->ptr > 0) } else DEBUG(D_acl) debug_printf( - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + "DKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); /* Build (and/or evaluate) body hash. Do this even if no DKIM sigs, in case we have a hash to do for ARC. */ @@ -1537,7 +1537,7 @@ if (!(ctx->flags & PDKIM_MODE_SIGN)) if (!ctx->sig) { - DEBUG(D_acl) debug_printf("PDKIM: no signatures\n"); + DEBUG(D_acl) debug_printf("DKIM: no signatures\n"); *return_signatures = NULL; return PDKIM_OK; } @@ -1554,7 +1554,7 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) && sig->verify_status == PDKIM_VERIFY_FAIL) { DEBUG(D_acl) - debug_printf("PDKIM: [%s] abandoning this signature\n", sig->domain); + debug_printf("DKIM: [%s] abandoning this signature\n", sig->domain); continue; } @@ -1569,7 +1569,7 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) do this hash incrementally. We don't need the hash we're calculating here for the GnuTLS and OpenSSL cases of RSA signing, since those library routines can do hash-and-sign. - + Some time in the future we could easily avoid doing the hash here for those cases (which will be common for a long while. We could also change from the current copy-all-the-headers-into-one-block, then call the hash-and-sign @@ -1582,18 +1582,18 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) if (!exim_sha_init(&hhash_ctx, pdkim_hashes[sig->hashtype].exim_hashmethod)) { log_write(0, LOG_MAIN|LOG_PANIC, - "PDKIM: hash setup error, possibly nonhandled hashtype"); + "DKIM: hash setup error, possibly nonhandled hashtype"); break; } if (ctx->flags & PDKIM_MODE_SIGN) DEBUG(D_acl) debug_printf( - "PDKIM >> Headers to be signed: >>>>>>>>>>>>\n" + "DKIM >> Headers to be signed: >>>>>>>>>>>>\n" " %s\n", sig->sign_headers); DEBUG(D_acl) debug_printf( - "PDKIM >> Header data for hash, canonicalized (%-7s), in sequence >>\n", + "DKIM >> Header data for hash, canonicalized (%-7s), in sequence >>\n", pdkim_canons[sig->canon_headers]); @@ -1711,15 +1711,15 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) } DEBUG(D_acl) debug_printf( - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + "DKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); DEBUG(D_acl) { debug_printf( - "PDKIM >> Signed DKIM-Signature header, pre-canonicalized >>>>>>>>>>>>>\n"); + "DKIM >> Signed DKIM-Signature header, pre-canonicalized >>>>>>>>>>>>>\n"); pdkim_quoteprint(CUS sig_hdr, Ustrlen(sig_hdr)); debug_printf( - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + "DKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); } /* Relax header if necessary */ @@ -1728,11 +1728,11 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) DEBUG(D_acl) { - debug_printf("PDKIM >> Signed DKIM-Signature header, canonicalized (%-7s) >>>>>>>\n", + debug_printf("DKIM >> Signed DKIM-Signature header, canonicalized (%-7s) >>>>>>>\n", pdkim_canons[sig->canon_headers]); pdkim_quoteprint(CUS sig_hdr, Ustrlen(sig_hdr)); debug_printf( - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + "DKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); } /* Finalize header hash */ @@ -1741,7 +1741,7 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) DEBUG(D_acl) { - debug_printf("PDKIM [%s] Header %s computed: ", + debug_printf("DKIM [%s] Header %s computed: ", sig->domain, pdkim_hashes[sig->hashtype].dkim_hashname); pdkim_hexprint(hhash.data, hhash.len); } @@ -1781,7 +1781,7 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) DEBUG(D_acl) { - debug_printf( "PDKIM [%s] b computed: ", sig->domain); + debug_printf( "DKIM [%s] b computed: ", sig->domain); pdkim_hexprint(sig->sighash.data, sig->sighash.len); } @@ -1810,7 +1810,7 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) DEBUG(D_acl) debug_printf( " Error in DKIM-Signature header: tags missing or invalid (%s)\n" - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n", + "DKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n", !(sig->domain && *sig->domain) ? "d=" : !(sig->selector && *sig->selector) ? "s=" : !(sig->headernames && *sig->headernames) ? "h=" @@ -1821,7 +1821,7 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) ); goto NEXT_VERIFY; } - + /* Make sure sig uses supported DKIM version (only v1) */ if (sig->version != 1) { @@ -1830,19 +1830,19 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) DEBUG(D_acl) debug_printf( " Error in DKIM-Signature header: unsupported DKIM version\n" - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + "DKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); goto NEXT_VERIFY; } DEBUG(D_acl) { - debug_printf( "PDKIM [%s] b from mail: ", sig->domain); + debug_printf( "DKIM [%s] b from mail: ", sig->domain); pdkim_hexprint(sig->sighash.data, sig->sighash.len); } if (!(sig->pubkey = pdkim_key_from_dns(ctx, sig, &vctx, err))) { - log_write(0, LOG_MAIN, "PDKIM: %s%s %s%s [failed key import]", + log_write(0, LOG_MAIN, "DKIM: %s%s %s%s [failed key import]", sig->domain ? "d=" : "", sig->domain ? sig->domain : US"", sig->selector ? "s=" : "", sig->selector ? sig->selector : US""); goto NEXT_VERIFY; @@ -1900,7 +1900,7 @@ NEXT_VERIFY: DEBUG(D_acl) { - debug_printf("PDKIM [%s] %s signature status: %s", + debug_printf("DKIM [%s] %s signature status: %s", sig->domain, dkim_sig_to_a_tag(sig), pdkim_verify_status_str(sig->verify_status)); if (sig->verify_ext_status > 0) @@ -1971,7 +1971,7 @@ for (hashtype = 0; hashtype < nelem(pdkim_hashes); hashtype++) if (hashtype >= nelem(pdkim_hashes)) { log_write(0, LOG_MAIN|LOG_PANIC, - "PDKIM: unrecognised hashname '%s'", hashname); + "DKIM: unrecognised hashname '%s'", hashname); return NULL; } @@ -1980,10 +1980,10 @@ DEBUG(D_acl) pdkim_signature s = *sig; ev_ctx vctx; - debug_printf("PDKIM (checking verify key)>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); + debug_printf("DKIM (checking verify key)>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"); if (!pdkim_key_from_dns(ctx, &s, &vctx, errstr)) debug_printf("WARNING: bad dkim key in dns\n"); - debug_printf("PDKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); + debug_printf("DKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); } return sig; } @@ -2034,12 +2034,12 @@ for (b = ctx->bodyhash; b; b = b->next) && canon_method == b->canon_method && bodylength == b->bodylength) { - DEBUG(D_receive) debug_printf("PDKIM: using existing bodyhash %d/%d/%ld\n", + DEBUG(D_receive) debug_printf("DKIM: using existing bodyhash %d/%d/%ld\n", hashtype, canon_method, bodylength); return b; } -DEBUG(D_receive) debug_printf("PDKIM: new bodyhash %d/%d/%ld\n", +DEBUG(D_receive) debug_printf("DKIM: new bodyhash %d/%d/%ld\n", hashtype, canon_method, bodylength); b = store_get(sizeof(pdkim_bodyhash), FALSE); b->next = ctx->bodyhash; @@ -2050,7 +2050,7 @@ if (!exim_sha_init(&b->body_hash_ctx, /*XXX hash method: extend for sha512 */ pdkim_hashes[hashtype].exim_hashmethod)) { DEBUG(D_acl) - debug_printf("PDKIM: hash init error, possibly nonhandled hashtype\n"); + debug_printf("DKIM: hash init error, possibly nonhandled hashtype\n"); return NULL; } b->signed_body_bytes = 0; diff --git a/test/log/4502 b/test/log/4502 index 2f5c10110..3dd9f2b6e 100644 --- a/test/log/4502 +++ b/test/log/4502 @@ -13,7 +13,7 @@ 1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/simple a=rsa-sha1 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmaZ-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1 1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex -1999-03-02 09:44:33 10HmbA-0005vi-00 PDKIM: d=test.ex s=sel_bad [failed key import] +1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=test.ex s=sel_bad [failed key import] 1999-03-02 09:44:33 10HmbA-0005vi-00 signer: test.ex bits: 1024 1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=test.ex s=sel_bad c=relaxed/relaxed a=rsa-sha1 b=1024 [invalid - syntax error in public key record] 1999-03-02 09:44:33 10HmbA-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=neutral (public key record import problem)\n header.d=test.ex header.s=sel_bad header.a=rsa-sha1 diff --git a/test/log/4520 b/test/log/4520 index ac771ef82..ecb7432c7 100644 --- a/test/log/4520 +++ b/test/log/4520 @@ -79,7 +79,7 @@ 1999-03-02 09:44:33 10HmbJ-0005vi-00 => b22 R=server_store T=file 1999-03-02 09:44:33 10HmbJ-0005vi-00 Completed 1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbL-0005vi-00 PDKIM: d=test.ex s=sel_bad [failed key import] +1999-03-02 09:44:33 10HmbL-0005vi-00 DKIM: d=test.ex s=sel_bad [failed key import] 1999-03-02 09:44:33 10HmbL-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From 1999-03-02 09:44:33 10HmbL-0005vi-00 DKIM: d=test.ex s=sel_bad c=relaxed/relaxed a=rsa-sha256 b=1024 [invalid - syntax error in public key record] 1999-03-02 09:44:33 10HmbL-0005vi-00 data acl: dkim status invalid diff --git a/test/runtest b/test/runtest index a672d2327..2427aac6d 100755 --- a/test/runtest +++ b/test/runtest @@ -1085,7 +1085,7 @@ RESET_AFTER_EXTRA_LINE_READ: next if /name=localhost address=::1/; # drop pdkim debugging header - next if /^PDKIM( <<<<<<<<<<<<<<<<<<<<<<<<<<<<<+|: no signatures)$/; + next if /^DKIM( <<<<<<<<<<<<<<<<<<<<<<<<<<<<<+|: no signatures)$/; # Various other IPv6 lines must be omitted too @@ -1208,7 +1208,7 @@ RESET_AFTER_EXTRA_LINE_READ: } # Not all platforms build with DKIM enabled - next if /^PDKIM >> Body data for hash, canonicalized/; + next if /^DKIM >> Body data for hash, canonicalized/; # Not all platforms build with SPF enabled next if /^(spf_conn_init|SPF_dns_exim_new|spf_compile\.c)/; @@ -1218,7 +1218,7 @@ RESET_AFTER_EXTRA_LINE_READ: # Parts of DKIM-specific debug output depend on the time/date next if /^date:\w+,\{SP\}/; - next if /^PDKIM \[[^[]+\] (Header hash|b) computed:/; + next if /^DKIM \[[^[]+\] (Header hash|b) computed:/; # Not all platforms support TCP Fast Open, and the compile omits the check if (s/\S+ in hosts_try_fastopen\? (no \(option unset\)|yes \(matched "\*"\))\n$//) diff --git a/test/stderr/4520 b/test/stderr/4520 index a15433696..1b7714d83 100644 --- a/test/stderr/4520 +++ b/test/stderr/4520 @@ -24,8 +24,8 @@ cmd buf flush ddd bytes SMTP<< 250 OK SMTP<< 250 Accepted SMTP<< 354 Enter message, ending with "." on a line by itself -PDKIM (checking verify key)>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -PDKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +DKIM (checking verify key)>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +DKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> sel_bad._domainkey.test.ex. Raw record: v=DKIM1\;{SP}p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXRFf+VhT+lCgFhhSkinZKcFNeRzjYdW8vT29Rbb3NadvTFwAd+cVLPFwZL8H5tUD/7JbUPqNTCPxmpgIL+V5T4tEZMorHatvvUM2qfcpQ45IfsZ+YdhbIiAslHCpy4xNxIR3zylgqRUF4+Dtsaqy3a5LhwMiKCLrnzhXk1F1hxwIDAQAB v=DKIM1\ @@ -33,20 +33,20 @@ PDKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Bad v= field Error while parsing public key record WARNING: bad dkim key in dns -PDKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +DKIM (finished checking verify key)<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< content{CR}{LF} -PDKIM: finish bodyhash 1/1/-1 len 9 -PDKIM [test.ex] Body bytes (relaxed) hashed: 9 -PDKIM [test.ex] Body sha256 computed: fc06f48221d98ad6106c3845b33a2a41152482ab9e697f736ad26db4853fa657 -PDKIM >> Headers to be signed: >>>>>>>>>>>> +DKIM: finish bodyhash 1/1/-1 len 9 +DKIM [test.ex] Body bytes (relaxed) hashed: 9 +DKIM [test.ex] Body sha256 computed: fc06f48221d98ad6106c3845b33a2a41152482ab9e697f736ad26db4853fa657 +DKIM >> Headers to be signed: >>>>>>>>>>>> From -PDKIM >> Header data for hash, canonicalized (relaxed), in sequence >> +DKIM >> Header data for hash, canonicalized (relaxed), in sequence >> from:nobody@example.com{CR}{LF} -PDKIM >> Signed DKIM-Signature header, pre-canonicalized >>>>>>>>>>>>> +DKIM >> Signed DKIM-Signature header, pre-canonicalized >>>>>>>>>>>>> DKIM-Signature:{SP}v=1;{SP}a=rsa-sha256;{SP}q=dns/txt;{SP}c=relaxed/relaxed;{SP}d=test.ex;{CR}{LF}{TB}s=sel_bad;{SP}h=From;{SP}bh=/Ab0giHZitYQbDhFszoqQRUkgqueaX9zatJttIU/plc=;{SP}b=; -PDKIM >> Signed DKIM-Signature header, canonicalized (relaxed) >>>>>>> +DKIM >> Signed DKIM-Signature header, canonicalized (relaxed) >>>>>>> dkim-signature:v=1;{SP}a=rsa-sha256;{SP}q=dns/txt;{SP}c=relaxed/relaxed;{SP}d=test.ex;{SP}s=sel_bad;{SP}h=From;{SP}bh=/Ab0giHZitYQbDhFszoqQRUkgqueaX9zatJttIU/plc=;{SP}b=; -PDKIM [test.ex] Header sha256 computed: 241e16230df5723d899cfae9474c6b376a2ab1f81d1094e358f50ffd0e0067b3 +DKIM [test.ex] Header sha256 computed: 241e16230df5723d899cfae9474c6b376a2ab1f81d1094e358f50ffd0e0067b3 SMTP<< 250 OK id=10HmbL-0005vi-00 SMTP>> QUIT cmd buf flush ddd bytes -- 2.30.2