You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Mark Martinec <Ma...@ijs.si> on 2007/03/09 14:01:44 UTC

GMail is now signing their mail with DKIM

In case this came by unnoticed, gmail.com is adding DKIM signatures
to their outgoing mail - for about two weeks now. Some initial
problems seem to be solved by now.

For verifying signatures stick to the most current versions of Mail::DKIM
(0.23) when checking from a SpamAssassin DKIM plugin or through dkimproxy.

If using a milter, the dkim-milter is at 0.6.1 now, stick to the most
recent version.

I updated slightly the howto to reflect the current situation:
  http://www.ijs.si/software/amavisd/amavisd-new-docs.html#dkim



Some selected recent notes from a [dkim-milter-discuss] mailing list,
I hope you don't mind (btw, Murray is the developer of dkim-milter):



Murray S. Kucherawy:
  GMail now signs with DKIM ...and it verifies with 0.6.1.  Good stuff!

Ben Lentz:
  They must have *just* fixed that. I noticed they were doing DKIM a week 
  or more ago, but I couldn't get it to verify. Now it does! Awesome!

Murray S. Kucherawy:
  They had an experimental implementation that wasn't quite right.
  Michael from Cisco was working with them to get it in line.
  Apparently they pushed a patch recently because it's working today.

  I don't think they're verifying inbound (yet) but I would imagine it's
  in the plan.  This is exciting stuff though because it should encourage 
  momentum toward more widespread adoption.  Everyone else was saying "We'll 
  do it when everyone else does it" so we needed one big trailblazer to get 
  the ball rolling.  Maybe this is it.
[...]

  - Yahoo has said they'll move to DKIM as soon as they can get enough 
  developer cycles to do so and the spec has solidified.

  - I'm in discussions with AOL about altering libdkim to meet their 
  integration needs.

Re: GMail is now signing their mail with DKIM

Posted by Frank Bures <li...@chem.toronto.edu>.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 9 Mar 2007 14:01:44 +0100, Mark Martinec wrote:

>In case this came by unnoticed, gmail.com is adding DKIM signatures
>to their outgoing mail - for about two weeks now. Some initial
>problems seem to be solved by now.
>
>For verifying signatures stick to the most current versions of Mail::DKIM
>(0.23) when checking from a SpamAssassin DKIM plugin or through dkimproxy.
>

I tried to install the plugin but the perl install of the Crypt::OpenSSL::RSA 
module returns:

Running make test
PERL_DL_NONLAZY=1 /usr/bin/perl "-MExtUtils::Command::MM" "-e" 
"test_harness(0, 'blib/lib', 'blib/arch')" t/*.t
t/bignum....ok
t/format....ok
t/rsa.......FAILED tests 44-45
        Failed 2/45 tests, 95.56% okay
Failed Test Stat Wstat Total Fail  List of Failed
- -----------------------------------------------------------------------------
- --
t/rsa.t                   45    2  44-45
Failed 1/3 test scripts. 2/119 subtests failed.
Files=3, Tests=119,  0 wallclock secs ( 0.21 cusr +  0.04 csys =  0.25 CPU)
Failed 1/3 test programs. 2/119 subtests failed.
make: *** [test_dynamic] Error 255
  /usr/bin/make test -- NOT OK
Running make install
  make test had returned bad status, won't install without force



Any suggestions?  (Running SA 3.1.8)




Frank Bures, Dept. of Chemistry, University of Toronto, M5S 3H6
fbures@chem.toronto.edu
http://www.chem.utoronto.ca
PGP public key: http://pgp.mit.edu:11371/pks/lookup?op=index&search=Frank+Bures

Please, reply to the above address only.  <lisfrank> does not accept replies.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0 OS/2 for non-commercial use
Comment: PGP 5.0 for OS/2
Charset: cp850

wj8DBQFF8YJSih0Xdz1+w+wRAiYRAKDofMw/gFEaWHQAPJSNmF/6IsI7DACg1Odp
MT+nRb337EYFIfxzWcovdiI=
=GXf4
-----END PGP SIGNATURE-----