I've attached a txt file with error messages related to a message from the
tresys list (pasting it in would have wrapped the lines and been difficult to
read). It appears that the list server isn't stripping DKIM headers when it
changes the From field. This means that the DKIM signature is still checked
and obviously fails.
You probably need to edit "/etc/mailman/mm_cfg.py" to have the directive
"REMOVE_DKIM_HEADERS = Yes".
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
-------------- next part --------------
Apr 17 23:17:41 smtp postfix/smtpd[10691]: A3DC2ED85: client=oss.tresys.com[162.209.107.210]
Apr 17 23:17:41 smtp postfix/cleanup[11027]: A3DC2ED85: message-id=<20170417131735.GA11930@markus>
Apr 17 23:17:42 smtp opendkim[10146]: A3DC2ED85: s=20161025 d=gmail.com SSL error:04091068:rsa routines:int_rsa_verify:bad signature
Apr 17 23:17:42 smtp opendkim[10146]: A3DC2ED85: bad signature data
Apr 17 23:17:42 smtp postfix/cleanup[11027]: A3DC2ED85: milter-reject: END-OF-MESSAGE from oss.tresys.com[162.209.107.210]: 5.7.0 bad DKIM signature data; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<oss.tresys.com>
I've passed this request on to our IT people.
-Daniel
________________________________________
From: [email protected] [refpolicy-bounces at oss.tresys.com] on behalf of Russell Coker via refpolicy [refpolicy at oss.tresys.com]
Sent: Monday, April 17, 2017 10:01 AM
To: Guido Trentalancia via refpolicy
Subject: [refpolicy] tresys list issue
I've attached a txt file with error messages related to a message from the
tresys list (pasting it in would have wrapped the lines and been difficult to
read). It appears that the list server isn't stripping DKIM headers when it
changes the From field. This means that the DKIM signature is still checked
and obviously fails.
You probably need to edit "/etc/mailman/mm_cfg.py" to have the directive
"REMOVE_DKIM_HEADERS = Yes".
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/