[opendmarc-users] all gmail bad signature data

shmick at riseup.net shmick at riseup.net
Wed Sep 10 07:13:04 PDT 2014 

[also posted to opendkim]

hi

i'd really appreciate a resolution for this - seems like sendmail is the
culprit since it can't seem to extract email addresses to send reports to

every email i receive from gmail gets bad signature data
every email i send to gmail passes all SPF/DKIM/DMARC

aside from gmail, i don't ever recall seeing any problems for any
outgoing email for dkim/dmarc/spf

also, i have seen plenty of logs for valid dkim sigs, adsp, and
dmarc=pass, etc

ive setup most reporting options for dkim/dmarc as:

MTACommand /usr/sbin/sendmail -C /etc/postfix/main.cf -vv -t -f
postmaster at example.net

ReportCommand /usr/sbin/sendmail -C /etc/postfix/main.cf -vv -t -f
postmaster at example.net

running opendkim/dmarc on debian jessie amd-64

$ opendmarc -V
opendmarc: OpenDMARC Filter v1.2.0
	SMFI_VERSION 0x1000001
	libmilter version 1.0.1
$ opendkim -V
opendkim: OpenDKIM Filter v2.9.2
	Compiled with OpenSSL 1.0.1i 6 Aug 2014
	SMFI_VERSION 0x1000001
	libmilter version 1.0.1
	Supported signing algorithms:
		rsa-sha1
		rsa-sha256
	Supported canonicalization algorithms:
		relaxed
		simple
	Active code options:
		QUERY_CACHE
		USE_DB
		USE_LDAP
		USE_LUA
		USE_ODBX
		USE_UNBOUND
		_FFR_ATPS
		_FFR_RBL
		_FFR_REPLACE_RULES
		_FFR_STATS
		_FFR_VBR
	libopendkim 2.9.2: atps query_cache

opendkim[8332]: : mail-qc0-f202.google.com [209.85.216.202] not internal
opendkim[8332]: 6956780003A: not authenticated
opendkim[8332]: 6956780003A: s=20120113 d=google.com SSL
error:04091068:rsa routines:INT_RSA_VERIFY:bad signature
opendkim[8332]: 6956780003A: bad signature data
postfix/sendmail[9018]: /usr/sbin/postdrop -r -v -v: wanted attribute:
queue_id
postfix/sendmail[9018]: input attribute name: queue_id
postfix/sendmail[9018]: input attribute value: 12EX2807152
postfix/sendmail[9018]: /usr/sbin/postdrop -r -v -v: wanted attribute:
(list terminator)
postfix/sendmail[9018]: input attribute name: (end)
postfix/sendmail[9018]: fatal: postmaster at example.net(123): No recipient
addresses found in message header
opendmarc[2894]: 6956780003A: pclose() returned status 19200
opendmarc[2894]: 6956780003A: smfi_quarantine() failed
opendmarc[2894]: 6956780003A: google.com fail

More information about the opendmarc-users mailing list