EldoS | Feel safer!

Software components for data protection, secure storage and transfer

DKIM in 5.2.124

Posted: 09/13/2011 09:34:05
by Elric Pedder (Standard support level)
Joined: 05/11/2006
Posts: 5

I'm having some with DKIM in build 5.2.124 of SecureBlackBox. I haven't been able to get the sample Verifier to successfully verify any DKIM signed messages. Here is an example from GMail.

Return-Path: <epedder@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on WESTMINSTER
X-Spam-Status: No, score=-1.9 required=6.3 tests=BAYES_00,FREEMAIL_FROM,
   HTML_MESSAGE,T_TO_NO_BRKTS_FREEMAIL autolearn=ham version=3.3.1
Received: from smtp.mailkeep.net (ns1.mailkeep.net [])
          by novitraq.com with SMTP (Mailtraq/ id NVTRF0E5A2A3
          for postmaster@novitraq.com; Mon, 12 Sep 2011 21:11:45 -0400
Received: from mx2.mailkeep.net (ns2.mailkeep.net []) by smtp.mailkeep.net
          with SMTP (Mailkeep 1.2) id 1109130111377070
          for postmaster@novitraq.com; Tue, 13 Sep 2011 01:11:37 -0000
Received-SPF: pass (smtp.mailkeep.net: domain of Marcy@energyfriends.de designates as permitted sender)
Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com []) by mx2.mailkeep.net
          with SMTP (Mailkeep 1.2) id 11091221114412562
          for postmaster@novitraq.com; Mon, 12 Sep 2011 21:11:44 -0400
Received-SPF: pass (mx2.mailkeep.net: domain of epedder@gmail.com designates as permitted sender)
Received: by gxk19 with SMTP id 19so32479gxk.31
        for <postmaster@novitraq.com>; Mon, 12 Sep 2011 18:11:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
MIME-Version: 1.0
Received: by with SMTP id l5mr8222150ibb.18.1315876291620; Mon, 12
Sep 2011 18:11:31 -0700 (PDT)
Received: by with HTTP; Mon, 12 Sep 2011 18:11:31 -0700 (PDT)
Date: Mon, 12 Sep 2011 21:11:31 -0400
Message-ID: <CAEP9FYWWF6CzeQAtHE5JcwD546+ZLkgKS8P5O0U9MkEyrbu-Jg@mail.gmail.com>
Subject: dktest
From: Elric Pedder <epedder@gmail.com>
To: postmaster@novitraq.com, elric@dev.novitraq.com
Content-Type: multipart/alternative; boundary=0015176f09fcee310004acc852bc
X-Hops: 3

Content-Type: text/plain; charset=ISO-8859-1

dktest test

Content-Type: text/html; charset=ISO-8859-1

dktest test


Here is the GMail public key:
k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIhyR3oItOy22ZOaBrIVe9m/iME3RqOJeasANSpg2YTHTYV+Xtp4xwf5gTjCmHQEMOs0qYu0FYiNQPQogJ2t0Mfx9zNu06rfRBDjiIU9tpx2T+NGlWZ8qhbiLo5By8apJavLyqTLavyPSrvsx0B3YzC63T4Age2CDqZYA+OwSMWQIDAQAB

Am I doing this incorrectly? Or is there perhaps a problem with this build? I can verify, successfully, messages signed with the sample Signer application.

- Elric
Posted: 09/13/2011 09:50:21
by Eugene Mayevski (Team)

DKIM was a running target for all those years. There were several DomainKeys (original Yahoo specification) and incompatible drafts of DKIM standard. While we tried to maintain compatibility with all of them, it's quite hard to say what happens in code written 4 years ago (and designed to matched standards that existed then) when it works with modern servers. The only thing I can offer is that you take the latest version and check the situation with it. If it doesn't work for you, then we can work with it. In any case, upgrading is the only option, I think.

Sincerely yours
Eugene Mayevski
Posted: 09/13/2011 10:47:52
by Elric Pedder (Standard support level)
Joined: 05/11/2006
Posts: 5

Thanks Eugene. I've just installed a trial and it does correctly verify it so something must have been fixed. I certainly wouldn't expect you to remember this stuff from four years ago and I certainly remember the frustrations with the standards back then.

Best regards,
- Elric



Topic viewed 812 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!