DKIMPROXY signing wrong domain
Posted
by
user64566
on Server Fault
See other posts from Server Fault
or by user64566
Published on 2010-12-23T19:01:04Z
Indexed on
2010/12/23
19:55 UTC
Read the original article
Hit count: 342
Just.... wont sign a thing...
The dkimproxy_out.conf:
# specify what address/port DKIMproxy should listen on
listen 127.0.0.1:10028
# specify what address/port DKIMproxy forwards mail to
relay 127.0.0.1:10029
# specify what domains DKIMproxy can sign for (comma-separated, no spaces)
domain tinymagnet.com,hypnoenterprises.com
# specify what signatures to add
signature dkim(c=relaxed)
signature domainkeys(c=nofws)
# specify location of the private key
keyfile /etc/postfix/dkim/private.key
# specify the selector (i.e. the name of the key record put in DNS)
selector mail
The direct connection straight to the server, making it clear that this is a problem with dkimproxy and not postfix...
mmxbass@hypno1:~$ telnet localhost 10028
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 hypno1.hypnoenterprises.com ESMTP Postfix (Debian/GNU)
EHLO hypno1.hypnoenterprises.com
250-hypno1.hypnoenterprises.com
250-PIPELINING
250-SIZE
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM:<[email protected]>
250 2.1.0 Ok
RCPT TO:<[email protected]>
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
SUBJECT:test
.
250 2.0.0 Ok: queued as B62A78D94F
QUIT
221 2.0.0 Bye
Now lets look at the mail headers as reported by myiptest.com:
From [email protected] Thu Dec 23 18:57:14 2010
Return-path:
Envelope-to: [email protected]
Delivery-date: Thu, 23 Dec 2010 18:57:14 +0000
Received: from [184.82.95.154] (helo=hypno1.hypnoenterprises.com)
by myiptest.com with esmtp (Exim 4.69)
(envelope-from )
id 1PVqLi-0004YR-5f
for [email protected]; Thu, 23 Dec 2010 18:57:14 +0000
Received: from hypno1.hypnoenterprises.com (localhost.localdomain [127.0.0.1])
by hypno1.hypnoenterprises.com (Postfix) with ESMTP id 878418D902
for ; Thu, 23 Dec 2010 13:57:26 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=hypnoenterprises.com; h=
from:to:subject:date:mime-version:content-type
:content-transfer-encoding:message-id; s=mail; bh=uoq1oCgLlTqpdD
X/iUbLy7J1Wic=; b=HxBKTGjzTpZSZU8xkICtARCKxqriqZK+qHkY1U8qQlOw+S
S1wlZxzTeDGIOgeiTviGDpcKWkLLTMlUvx8dY4FuT8K1/raO9nMC7xjG2uLayPX0
zLzm4Srs44jlfRQIjrQd9tNnp35Wkry6dHPv1u21WUvnDWaKARzGGHRLfAzW4=
Received: from localhost (localhost.localdomain [127.0.0.1])
by hypno1.hypnoenterprises.com (Postfix) with ESMTP id 2A04A8D945
for ; Thu, 23 Dec 2010 13:57:26 -0500 (EST)
X-Virus-Scanned: Debian amavisd-new at hypno1.hypnoenterprises.com
Received: from hypno1.hypnoenterprises.com ([127.0.0.1])
by localhost (hypno1.hypnoenterprises.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id Ua7BnnzmIaUO for ;
Thu, 23 Dec 2010 13:57:25 -0500 (EST)
Received: from phoenix.localnet (c-76-23-245-211.hsd1.ma.comcast.net [76.23.245.211])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by hypno1.hypnoenterprises.com (Postfix) with ESMTPSA id 48A0D8D90D
for ; Thu, 23 Dec 2010 13:57:25 -0500 (EST)
From: Joshua Pech
To: [email protected]
Subject: test
Date: Thu, 23 Dec 2010 13:57:25 -0500
User-Agent: KMail/1.13.5 (Linux/2.6.32-5-amd64; KDE/4.4.5; x86_64; ; )
MIME-Version: 1.0
Content-Type: Text/Plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id:
DomainKey-Status: no signature
Received-SPF: pass (myiptest.com: domain of tinymagnet.com designates 184.82.95.154 as permitted sender)
Notice how the dkim signature specifies the d=hypnoenterprises.com.... why?
© Server Fault or respective owner