You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "G.H. (Spamassassin)" <gh...@ehealth.be> on 2016/06/24 16:20:35 UTC
T_DKIM_INVALID even if debugging reveals that everything is working?
Hello,
Every incoming mail with valid DKIM-signatures is tagged with
T_DKIM_INVALID.
But when I run such a mail through spamassassin -t -D dkim < email it
finds no errors?
I already googled this but it always comes down to missing packages that
are being reported with the debug, but in my case there seems to be no
problem there.
I included the logs. What could be wrong here?
Version:
SpamAssassin version 3.4.1
running on Perl version 5.18.2
OS: OpenSuse Leap 42.1 running qmail with dovecot
Mail Source:
Return-Path: <bo...@bu.d.mailin.fr>
Delivered-To: xxxxxxx@ehealth.be
Received: (qmail 3389 invoked by uid 89); 24 Jun 2016 15:30:20 -0000
Received: (simscan 1.4.1 ppid 3383 pid 3384 t 0.9830s)
(scanners: spam: 3.4.1 attach: 1.4.1 clamav: 0.99.2/m:57/d:21765); 24 Jun 0116 15:30:19 -0000
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on higis-s3
X-Spam-Level: *
X-Spam-Status: No, score=1.2 required=5.0 tests=HTML_FONT_LOW_CONTRAST,
HTML_MESSAGE,LOCAL_SPF_PASS,REMOVE_BEFORE_LINK,*T_DKIM_INVALID* autolearn=no
autolearn_force=no version=3.4.1
Received: from bu.d.mailin.fr (185.41.28.121)
by higis-s3 with SMTP; 24 Jun 2016 15:30:19 -0000
Received-SPF: pass (higis-s3: SPF record at spf.sendinblue.com designates 185.41.28.121 as permitted sender)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sendinblue.com;
q=dns/txt; s=mail; bh=1wTNj9sXIT4ilZQKtrhXTh+eLEBaCfRrN64eWyapsL8=;
h=from:reply-to:subject:date:mime-version:content-type:list-id:list-unsubscribe;
b=ZH14LbGRh7+arSmiqgrIt1HND+990v8SNmtS7MWbhtFYE3gT8ckcuLQ5Wxk7O8lmBIQUV3jP0wmZ
B3PAvjhMGrxDWjQOf0cvYtIFF7856ywP3C5OcFvk47i2J/bU5yeWe53tuygt4kRL/hSMIRl2tSSx
mlUhUIE/gXGe5GxHpic=
To: <xx...@ehealth.be>
Subject: =?UTF-8?Q?Samorost_3_On_Sale?=
From: =?UTF-8?Q?Amanita=20Design?= <in...@amanita-design.net>
List-Id: MTQ3MjA4NC0xOTAzMi00 <MTQ3MjA4NC0xOTAzMi00.list-id.mailin.fr>
List-Unsubscribe: <mailto:unsubscribe@bu.d.mailin.fr?subject=unsub-2lbmmov62z7j&body=2lbmmov62z7j>,<http://2giqs.r.ag.d.sendibm3.com/2gl6rtr62z7g.html>
Content-Type: multipart/alternative; boundary="-------?=_69941-7396790608763"
MIME-Version: 1.0
Precedence: bulk
Feedback-ID: temp_3rd_185.41.28.121:1472084:1472084_1:Sendinblue
X-Mailer: Sendinblue
X-Mailin-Client: 1472084
X-Mailin-Campaign: 1
Reply-To: info@amanita-design.net
Message-Id: <20...@bu.d.mailin.fr>
Date: Fri, 24 Jun 2016 17:29:33 +0200
But with debugging:
higis-s3:/home/vpopmail/domains/ehealth.be/xxxxxxxx/Maildir/cur #
spamassassin -t -D dkim <1466782221.3391.higis-s3,S=29797:2,Sc
Jun 24 17:34:22.640 [3432] dbg: dkim: using Mail::DKIM version 0.4
Jun 24 17:34:22.642 [3432] dbg: dkim: performing public key lookup and
signature verification
Jun 24 17:34:22.682 [3432] dbg: dkim: VALID DKIM, i=@sendinblue.com,
d=sendinblue.com, s=mail, a=rsa-sha256, c=relaxed/relaxed,
key_bits=1024, pass
Jun 24 17:34:22.682 [3432] dbg: dkim: signature verification result: PASS
Jun 24 17:34:22.683 [3432] dbg: dkim: VALID signature by sendinblue.com,
author info@amanita-design.net, no valid matches
Jun 24 17:34:22.683 [3432] dbg: dkim: author info@amanita-design.net,
not in any dkim whitelist
Jun 24 17:34:22.683 [3432] dbg: dkim: adsp: performing lookup on
_adsp._domainkey.amanita-design.net
Jun 24 17:34:22.768 [3432] dbg: dkim: adsp result: U/unknown (dns:
unknown), author domain 'amanita-design.net'
Return-Path: <bo...@bu.d.mailin.fr>
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on higis-s3
X-Spam-Level:
X-Spam-Status: No, score=-1.2 required=5.0 tests=*DKIM_SIGNED,DKIM_VALID,**
** DKIM_VERIFIED*,HTML_FONT_LOW_CONTRAST,HTML_MESSAGE,LOCAL_SPF_PASS,
RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,REMOVE_BEFORE_LINK,RP_MATCHES_RCVD,
SPF_HELO_PASS,SPF_PASS autolearn=ham autolearn_force=no
version=3.4.1
Delivered-To: xxxxxx@ehealth.be
Received: (qmail 3389 invoked by uid 89); 24 Jun 2016 15:30:20 -0000
Received: (simscan 1.4.1 ppid 3383 pid 3384 t 0.9830s)
(scanners: spam: 3.4.1 attach: 1.4.1 clamav: 0.99.2/m:57/d:21765); 24
Jun 0116 15:30:19 -0000
Received: from bu.d.mailin.fr (185.41.28.121)
by higis-s3 with SMTP; 24 Jun 2016 15:30:19 -0000
Received-SPF: pass (higis-s3: SPF record at spf.sendinblue.com
designates 185.41.28.121 as permitted sender)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sendinblue.com;
q=dns/txt; s=mail; bh=1wTNj9sXIT4ilZQKtrhXTh+eLEBaCfRrN64eWyapsL8=;
h=from:reply-to:subject:date:mime-version:content-type:list-id:list-unsubscribe;
b=ZH14LbGRh7+arSmiqgrIt1HND+990v8SNmtS7MWbhtFYE3gT8ckcuLQ5Wxk7O8lmBIQUV3jP0wmZ
B3PAvjhMGrxDWjQOf0cvYtIFF7856ywP3C5OcFvk47i2J/bU5yeWe53tuygt4kRL/hSMIRl2tSSx
mlUhUIE/gXGe5GxHpic=
To: <xx...@ehealth.be>
Subject: =?UTF-8?Q?Samorost_3_On_Sale?=
From: =?UTF-8?Q?Amanita=20Design?= <in...@amanita-design.net>
List-Id: MTQ3MjA4NC0xOTAzMi00 <MTQ3MjA4NC0xOTAzMi00.list-id.mailin.fr>
List-Unsubscribe:
<mailto:unsubscribe@bu.d.mailin.fr?subject=unsub-2lbmmov62z7j&body=2lbmmov62z7j>,<http://2giqs.r.ag.d.sendibm3.com/2gl6rtr62z7g.html>
Content-Type: multipart/alternative;
boundary="-------?=_69941-7396790608763"
MIME-Version: 1.0
Precedence: bulk
Feedback-ID: temp_3rd_185.41.28.121:1472084:1472084_1:Sendinblue
X-Mailer: Sendinblue
X-Mailin-Client: 1472084
X-Mailin-Campaign: 1
Reply-To: info@amanita-design.net
Message-Id: <20...@bu.d.mailin.fr>
Date: Fri, 24 Jun 2016 17:29:33 +0200
---------?=_69941-7396790608763
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
=C2=A0 [ View in browser ]( http://2giqs.r.ag.d.sendibm3.com/2gl6rtr62z7f=
.html ) =C2=A0 =C2=A0 =C2=A0 Samorost 3 is on sale on samorost3.=
net, for a limited time only! =C2=A0=0A=0A3 months ago we released our lat=
est game Samorost 3 and since then we've been fixing and improving it, acco=
rding to the feedback we've received from our fans. If you liked Machinariu=
m or Botanicula and haven't purchased Samorost 3 yet, now is the best time,=
because it's in even better condition and also on sale, 25% off. Buy it at=
the official website [ http://samorost3.net. ]( http://2giqs.r.ag.d.sendib=
m3.com/9ucr3alb62z7d.html ) =C2=A0 [ Buy Now ]( http://2giqs.r.ag.d.se=
ndibm3.com/9ucr3bdr62z7d.html ) =C2=A0 =C2=A0=0AThis email w=
as sent to xxxxxx@ehealth.be=0AYou received this email because yo=
u are registered with Amanita Design s.r.o.=0A=C2=A0=0A[ Unsubscribe here ]=
( http://2giqs.r.ag.d.sendibm3.com/2gl6rtr62z7g.html ) =C2=A0=0A=0ASent b=
y=0A[ ]( http://2giqs.r.ag.d.sendibm3.com/9ucr3c6762z7d.html ) =C2=A0 =
=C2=A0=0A=C2=A9 2016 Amanita Design s.r.o. =C2=A0
---------?=_69941-7396790608763
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
--snipped
---------?=_69941-7396790608763--
Spam detection software, running on the system "higis-s3",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
postmaster for details.
Content preview: [ View in browser ](
http://2giqs.r.ag.d.sendibm3.com/2gl6rtr62z7f.html
) Samorost 3 is on sale on samorost3.net, for a limited time only!
3 months ago we released our latest game Samorost 3 and since then
we've
been fixing and improving it, according to the feedback we've
received from
our fans. If you liked Machinarium or Botanicula and haven't
purchased Samorost
3 yet, now is the best time, because it's in even better condition
and also
on sale, 25% off. Buy it at the official website [ http://samorost3.net.
]( http://2giqs.r.ag.d.sendibm3.com/9ucr3alb62z7d.html ) [ Buy Now
]( http://2giqs.r.ag.d.sendibm3.com/9ucr3bdr62z7d.html
) This email was sent to xxxxx@ehealth.be You received this
email because you are registered with Amanita Design s.r.o. [
Unsubscribe
here ]( http://2giqs.r.ag.d.sendibm3.com/2gl6rtr62z7g.html ) [...]
Content analysis details: (-1.2 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 LOCAL_SPF_PASS No description available.
-1.4 RP_MATCHES_RCVD Envelope sender domain matches handover
relay domain
-0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4)
[185.41.28.121 listed in wl.mailspike.net]
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 SPF_PASS SPF: sender matches SPF record
1.6 REMOVE_BEFORE_LINK BODY: Removal phrase right before a link
0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to
background
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not
necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK
signature
-1.3 DKIM_VERIFIED No description available.
-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders
Re: T_DKIM_INVALID even if debugging reveals that everything is
working?
Posted by Benny Pedersen <me...@junc.eu>.
On 2016-06-24 21:25, G.H. (Spamassassin) wrote:
> Found what the problem was.
>
> Turns out spamd was running by default with the -L (Use local tests
> only (no DNS)) parameter. Removed this and restarted de daemon and
> voila:
>
+1, if just all was that simple :)
Re: T_DKIM_INVALID even if debugging reveals that everything is
working?
Posted by "G.H. (Spamassassin)" <gh...@ehealth.be>.
Found what the problem was.
Turns out spamd was running by default with the -L (Use local tests only
(no DNS)) parameter. Removed this and restarted de daemon and voila:
Jun 24 21:21:21 higis-s3 spamd[22778]: spamd: connection from localhost
[::1]:36303 to port 783, fd 5
Jun 24 21:21:21 higis-s3 spamd[22778]: spamd: setuid to vscan succeeded
Jun 24 21:21:21 higis-s3 spamd[22778]: spamd: processing message
<CA...@mail.gmail.com> for
vscan:65
Jun 24 21:21:22 higis-s3 spamd[22778]: spamd: clean message (-2.1/5.0)
for vscan:65 in 1.2 seconds, 2487 bytes.
Jun 24 21:21:22 higis-s3 spamd[22778]: spamd: result: . -2 -
*DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VERIFIED*,HTML_MESSAGE,LOCAL_SPF_PASS,RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL
scantime=1.2,size=2487,user=vscan,uid=65,required_score=5.0,rhost=localhost,raddr=::1,rport=36303,mid=<CA...@mail.gmail.com>,autolearn=ham
autolearn_force=no
Jun 24 21:21:22 higis-s3 spamd[22776]: prefork: child states: II
On 06/24/2016 08:40 PM, Benny Pedersen wrote:
> On 2016-06-24 20:22, G.H. (Spamassassin) wrote:
>
>>> I notice that the DNS whitelisting rules are missing too, and the SPF
>>> rules are replaced by a custom rule LOCAL_SPF_PASS.
>>
>> Correct, I made few SPF rules of my own but that could be the cause I
>> believe?
>
> i see no spf pass ever here with spamassassin active spf test, but
> seem that spf helo pass works, just not spf testing on envelope sender
>
> so it could very well be common dns problems
>
>>> Is it possible that spamd is having a problem with DNS access?
>>> Something that doesn't affect the command line and whatever is adding
>>> Received-SPF.
>>>
>> I'll check this.out.
>
> yes will here aswell, it breaked here when i dropped pypolicyd-spf,
> will see if i can revert this in working order
Re: T_DKIM_INVALID even if debugging reveals that everything is
working?
Posted by Benny Pedersen <me...@junc.eu>.
On 2016-06-24 20:22, G.H. (Spamassassin) wrote:
>> I notice that the DNS whitelisting rules are missing too, and the SPF
>> rules are replaced by a custom rule LOCAL_SPF_PASS.
>
> Correct, I made few SPF rules of my own but that could be the cause I
> believe?
i see no spf pass ever here with spamassassin active spf test, but seem
that spf helo pass works, just not spf testing on envelope sender
so it could very well be common dns problems
>> Is it possible that spamd is having a problem with DNS access?
>> Something that doesn't affect the command line and whatever is adding
>> Received-SPF.
>>
> I'll check this.out.
yes will here aswell, it breaked here when i dropped pypolicyd-spf, will
see if i can revert this in working order
Re: T_DKIM_INVALID even if debugging reveals that everything is
working?
Posted by "G.H. (Spamassassin)" <gh...@ehealth.be>.
On 06/24/2016 07:53 PM, RW wrote:
> On Fri, 24 Jun 2016 18:20:35 +0200
> G.H. (Spamassassin) wrote:
>
>> Hello,
>>
>> Every incoming mail with valid DKIM-signatures is tagged with
>> T_DKIM_INVALID.
>> But when I run such a mail through spamassassin -t -D dkim < email it
>> finds no errors?
>> I already googled this but it always comes down to missing packages
>> that are being reported with the debug, but in my case there seems to
>> be no problem there.
>> I included the logs.
> You included the debug. Have you looked at the logs?
Nothing special there too, for example when I send an email from to it gmail
Jun 24 20:17:23 higis-s3 spamd[32358]: spamd: connection from localhost
[::1]:36216 to port 783, fd 5
Jun 24 20:17:23 higis-s3 spamd[32358]: spamd: setuid to vscan succeeded
Jun 24 20:17:23 higis-s3 spamd[32358]: spamd: processing message
<CA...@mail.gmail.com> for
vscan:65
Jun 24 20:17:23 higis-s3 spamd[32358]: spamd: clean message (0.1/5.0)
for vscan:65 in 0.1 seconds, 2471 bytes.
Jun 24 20:17:23 higis-s3 spamd[32358]: spamd: result: . 0 -
HTML_MESSAGE,LOCAL_SPF_PASS,T_DKIM_INVALID
scantime=0.1,size=2471,user=vscan,uid=65,required_score=5.0,rhost=localhost,raddr=::1,rport=36216,mid=<CA...@mail.gmail.com>,autolearn=no
autolearn_force=no
Jun 24 20:17:23 higis-s3 spamd[32357]: prefork: child states: II
>> What could be wrong here?
> I notice that the DNS whitelisting rules are missing too, and the SPF
> rules are replaced by a custom rule LOCAL_SPF_PASS.
Correct, I made few SPF rules of my own but that could be the cause I
believe?
> Is it possible that spamd is having a problem with DNS access?
> Something that doesn't affect the command line and whatever is adding
> Received-SPF.
>
I'll check this.out.
Re: T_DKIM_INVALID even if debugging reveals that everything is
working?
Posted by RW <rw...@googlemail.com>.
On Fri, 24 Jun 2016 18:20:35 +0200
G.H. (Spamassassin) wrote:
> Hello,
>
> Every incoming mail with valid DKIM-signatures is tagged with
> T_DKIM_INVALID.
> But when I run such a mail through spamassassin -t -D dkim < email it
> finds no errors?
> I already googled this but it always comes down to missing packages
> that are being reported with the debug, but in my case there seems to
> be no problem there.
> I included the logs.
You included the debug. Have you looked at the logs?
> What could be wrong here?
I notice that the DNS whitelisting rules are missing too, and the SPF
rules are replaced by a custom rule LOCAL_SPF_PASS.
Is it possible that spamd is having a problem with DNS access?
Something that doesn't affect the command line and whatever is adding
Received-SPF.