1 Topic by CrashXRU

  • CrashXRU
  • Member
  • Offline
  • From: Russia Siberia
  • Registered: 2019-12-09
  • Posts: 32

Topic: DKIM Duplicate Signed

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.0
- Deployed with iRedMail offline
- Linux/BSD distribution name and version: Debian 10
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP -> Active Directory
- Web server: Nginx
- Manage mail accounts with iRedAdmin-Pro? NONE
====


emails do not pass verification on some servers

Bug 

KIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=example.com;
     h=content-language:content-type:content-type:mime-version:date
    :date:message-id:organization:subject:subject:from:from:to
    :reply-to; s=dkim; t=1576719870; x=1579311871; bh=uwS3JSJ5eBu19g
    l5hkhn6Ec8x/gAOEFtq5Hu5sHC2nI=; b=OPN43Jf1/hCkGqq1Hj/WjFwyHExAxE
    yclqclq0DLRTnvoYUzztRKKsNgXCoasTetEZM8wtP3j2RzLixpwnVqQkIcv0Za9u
    SXOX+JCHvPQITxRkVbotfR33prixOfGcxTh1JhjTdpUQtC7WdEOSA+sIW+Q80P92
    zj7Btg/GpRgG8=

h=content-language:content-type:content-type:mime-version:date
    :date:message-id:organization:subject:subject:from:from:to
    :reply-to;


Fine

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=example.com;
     h=content-language:content-type:mime-version:date:message-id
    :organization:subject:from:to:reply-to; s=dkim; t=1576720244; x=
    1579312245; bh=+pmCmcEsyRvDj8FjJAmvE8SiHasIBw0e1DsK/VV+Fmk=; b=k
    TnqG2a3xR32mPSdMciUgohOWTpAkfyaZQjf4i6Lzu9Ge4KRjfyE032RnFev7pC8F
    adf4Z8JIUQ+0taAF9egaAmzHAZlO47wpzLxPAvZVVLjhznZK6DULG446Pi9WRnpx
    dlHWtYQjvk1jDP2qFl1LJ7VBA49i2fYyoWGE+N19Gg=

HowTo
add rules $signed_header_fields to configuration amavis (/etc/amavis/conf.d/50-user)

$signed_header_fields{'to'} = 1;
$signed_header_fields{'from'} = 1;
$signed_header_fields{'received'} = 0;
$signed_header_fields{'subject'} = 1;
$signed_header_fields{'message-id'} = 1;
$signed_header_fields{'content-type'} = 1;
$signed_header_fields{'date'} = 1;
$signed_header_fields{'mime-version'} = 1;

Done


p.s. I think you should add similar rules by default

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,793

Re: DKIM Duplicate Signed

Fixed in git version. Thanks for the feedback. smile