DKIM signature rejected
Matthias Apitz
guru at unixarea.de
Fri Feb 21 12:28:32 UTC 2025
El día jueves, febrero 20, 2025 a las 08:40:46a. m. -0800, googly.negotiator862 at aceecat.org escribió:
> > I've got a reject of an email to a public PostgreSQL mailing list
> > due to an issue with my DKIM signature. Attached below. I've sent a
> > test email to my company mailbox to see my resulting DKIM
> > signature. It's:
>
> > What could be wrong with this and how do I fix this. mutt is sending
> > the mail to the SMTP server of my provider 1blu, i.e. I have in
> > ~/.muttrc:
>
> Just read the reply carefully:
>
> > This email has a DKIM signature on the List- headers of the email,
> > indicating that it is not allowed to pass this email on through a
> > mailinglist.
>
> The DKIM signature header you quote shows that you're signing over the
> List-* headers. You -- or your SMTP server -- should not do that.
>
> If you can't change that, you could try a public remailer of some sort.
>
> Btw, I had exactly this problem with the postgresql-general mailing
> list too. But I run my own mail server, so the fix was easy.
I have access to the DNS configuration at the server of my ISP for the
zone 'unixarea.de'. See attached screen. Some years ago I've added there
this this because I couldn't sent mails anymore to gmail:
$ host -t txt unixarea.de
unixarea.de descriptive text "v=spf1 ip4:178.254.4.101 a:unixarea.de -all"
I see there something DKIM related, which was not inserted by me and
must be relatively new. The line says:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEiF06k04ltYm1C53caXqEu+6wlR9MetdGnjUUX4P+tlkRYEU8t+xYMuTknhZ+96C2V1Eol8iU81YxxW3pogXHuSITZuYiwFoZ2LvmiCJvswUDGgCqQJhqHA1K7+M4AE15bV/mwCqwQRI/UGhEvRtdens+F+lYhf7IEsELI2W7/pr5AovtP3NQWgMI/4eLNDJtQOvTBGESexiWqsUweAYUrW80xchEUlWE2pvhLwF61DP3YcIhbfHMIxw/KkFw4QIk2/r50y8bM70aQIY6EhcoFnh1FquG3P4TRs/W1E5d+wZtuPpRzOtHJKq9ayTDNO7J5GRAis9J+NmSucJFomYQIDAQAB
but there is nothing List-* related or is this encrypted in the p=....
value? Any mail I do send has this DKIM-signature which is added by my
ISP 1blu as the s=blu3434000 shows:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=unixarea.de
; s=blu3434000; h=Content-Transfer-Encoding:Content-Type:MIME-Version:
Reply-To:Message-ID:Subject:To:From:Date:Sender:Cc:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=mUXCo4CB5VS0jsNsC2LeR8NOxLomD73G556GgsVmluA=; b=evptchc8isl0uD+RpFR+iPUP1z
Fsx3N3+Hy1JPLQlNuGuHzKZA460Lgd/X+ZZQfp/LQVvcVVWfvMPXOOoNz9ANhTJPCfhAtfu0zit2a
Xozgq0bH66Ig2PNNayGDoz+BOocDLTqT87Ue9O+OOYp5VXrV2r3xFdwPMI5rmSklhECwQiMMgpfb2
Hnp1yOfjq5W9JdHjYCbMPFWCR+4BCyfPzUCKRJDN/txoUMTHr73Ip0S95QAhw1cT++2zGHeIv9Sdv
3G+bZxy/UpIRg0WMmD6P+04gNjxGBWlOu8YukSX/g3k1sYiBpnbKnh5NdWI/ZPpS5S+WQAqbzteWS
dhKhQmVw==;
Should I just delete this TXT entry in the DNS config?
Thanks
matthias
--
Matthias Apitz, ✉ guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
Annalena Baerbock: "We are fighting a war against Russia ..." (25.1.2023)
I, Matthias, I am not at war with Russia.
Я не воюю с Россией.
Ich bin nicht im Krieg mit Russland.
>
> --
> Ian
--
Matthias Apitz, ✉ guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
Annalena Baerbock: "We are fighting a war against Russia ..." (25.1.2023)
I, Matthias, I am not at war with Russia.
Я не воюю с Россией.
Ich bin nicht im Krieg mit Russland.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: DNS-unixarea.png
Type: image/png
Size: 623441 bytes
Desc: not available
URL: <http://lists.mutt.org/pipermail/mutt-users/attachments/20250221/d4b37dd2/attachment-0001.png>
More information about the Mutt-users
mailing list