You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Benny Pedersen <me...@junc.eu> on 2020/11/10 01:21:36 UTC

amazonses.com doubble dkim sign

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
	s=n4atlko3yvgxyqpwp7palysab6occe3l; d=fing.com; t=1604971038;
	h=From:To:Message-ID:Subject:MIME-Version:Content-Type:Date;
	bh=0LT5Ztzk2B+Ecm2NPRzroGl6fTFNX9TpP6X0036qmf4=;
	b=Rtc9ieWPMuaNZ9iRZPZMEfuGj7pnaXu6TPjT9px08NGKZt0+rbCLyz083FG3djhk
	UTdHNgkEc6xGCCRN0JzbrdYaHWptG2U42qOYEajdE59uuR/Ucy+rGJA8Vr2roe/Ssvm
	jYWosu47Ndl6M56u9m3aNpAuBOgNmQHWoMVyWXZU=
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
	s=shh3fegwg5fppqsuzphvschd53n6ihuv; d=amazonses.com; t=1604971038;
	h=From:To:Message-ID:Subject:MIME-Version:Content-Type:Date:Feedback-ID;
	bh=0LT5Ztzk2B+Ecm2NPRzroGl6fTFNX9TpP6X0036qmf4=;
	b=lihzmRF2B+mUjB1E89LLJ8JkbpbQQIpnPd5JtQjAGB5uSurBWfv6VrGHgbCy2O1e
	q7AWlXPTcwdca5K4iB0pormV/lgvfZV+kgwfSrLPlgWBwlB9hRi2TCsFhT9v9tbEm1b
	dZBXrPRFO9r+uDtLfR6OgaOtXq7RjMiAUqcDBm0k=
 From: Fing Alert <al...@fing.com>

why ?

Re: amazonses.com doubble dkim sign

Posted by Dave Funk <db...@engineering.uiowa.edu>.

On Tue, 10 Nov 2020, Benny Pedersen wrote:

> DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
> 	s=n4atlko3yvgxyqpwp7palysab6occe3l; d=fing.com; t=1604971038;
> 	h=From:To:Message-ID:Subject:MIME-Version:Content-Type:Date;
> 	bh=0LT5Ztzk2B+Ecm2NPRzroGl6fTFNX9TpP6X0036qmf4=;
> 	b=Rtc9ieWPMuaNZ9iRZPZMEfuGj7pnaXu6TPjT9px08NGKZt0+rbCLyz083FG3djhk
> 	UTdHNgkEc6xGCCRN0JzbrdYaHWptG2U42qOYEajdE59uuR/Ucy+rGJA8Vr2roe/Ssvm
> 	jYWosu47Ndl6M56u9m3aNpAuBOgNmQHWoMVyWXZU=
> DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
> 	s=shh3fegwg5fppqsuzphvschd53n6ihuv; d=amazonses.com; t=1604971038;
> 	h=From:To:Message-ID:Subject:MIME-Version:Content-Type:Date:Feedback-ID;
> 	bh=0LT5Ztzk2B+Ecm2NPRzroGl6fTFNX9TpP6X0036qmf4=;
> 	b=lihzmRF2B+mUjB1E89LLJ8JkbpbQQIpnPd5JtQjAGB5uSurBWfv6VrGHgbCy2O1e
> 	q7AWlXPTcwdca5K4iB0pormV/lgvfZV+kgwfSrLPlgWBwlB9hRi2TCsFhT9v9tbEm1b
> 	dZBXrPRFO9r+uDtLfR6OgaOtXq7RjMiAUqcDBm0k=
> From: Fing Alert <al...@fing.com>
>
> why ?

Two signatures, one for the 'From:' address (message creator) and one for the 
issuing SMTP system.
Look at the signing domain (the 'd=D.N' part) to see who the creator of a given 
signature is.

There's nothing to prevent each system in the SMTP hand-off chain from adding 
their own signature, provided they do nothing to invalidate earlier signatures.
More than two is unusual/overkill, but it's not uncommon to see two.


-- 
Dave Funk                               University of Iowa
<dbfunk (at) engineering.uiowa.edu>     College of Engineering
319/335-5751   FAX: 319/384-0549        1256 Seamans Center, 103 S Capitol St.
Sys_admin/Postmaster/cell_admin         Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{