'[Fail2ban-users] list works wrong - DKIM signatures are failing'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fail2ban-users
Subject:    [Fail2ban-users] list works wrong - DKIM signatures are failing
From:       Peter Heirich <maillist.fail2ban () mail ! heirich ! name>
Date:       2021-04-14 18:29:51
Message-ID: 0b61a6ad-0a1d-cbcf-c9d0-612d3490026f () mail ! heirich ! name
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi,

because of fighting spam i modified DMARC policy to report failing mails.

It isn't not only my system which claims wrong DKIM signatures, got 
reports about same errors from 3 other systems because of DMARC report 
policy.


Authentication-Results: austria136.server4you.de (amavisd-new);
	dkim=fail (1024-bit key) reason="fail (message has been altered)"
	header.d=sourceforge.net header.b=XZAQVe+w; dkim=fail (1024-bit key)
	reason="fail (message has been altered)" header.d=sf.net
	header.b=ZF/dO/0J; dkim=fail (1024-bit key)
	reason="fail (body has been altered)" header.d=mail.heirich.name
	header.b=Dgo6O7AQ

Of course, failing of my own DKIM signature is expected behavior.

However, the list added DKIM signatures of sf.net and sourceforge.net. And these signatures should fit !
They should be made after the mailing-list had done modifications.

Please note, that this probably isn't a incorrect setup of my systems, because i got DMARC reports like:

This is an authentication failure report for an email message received 
from IP
216.105.38.7 on Wed, 14 Apr 2021 16:06:34 +0000 (UTC).


Feedback-Type: auth-failure
Version: 1
User-Agent: OpenDMARC-Filter/1.4.1
Auth-Failure: dmarc
Authentication-Results: prime.gushi.org; dmarc=fail 
header.from=mail.heirich.name
Original-Envelope-Id: 13EG6W3R084103
Original-Mail-From: fail2ban-users-bounces@lists.sourceforge.net
Source-IP: 216.105.38.7 (lists.sourceforge.net)
Reported-Domain: mail.heirich.name


DKIM-Filter: OpenDKIM Filter v2.10.3 prime.gushi.org 13EG6W3R084103
Authentication-Results: prime.gushi.org;
        dkim=fail reason="signature verification failed" (1024-bit key; 
unprotected) header.d=sourceforge.net header.i=@sourceforge.net 
header.b=XZAQVe+w;
        dkim=fail reason="signature verification failed" (1024-bit key; 
unprotected) header.d=sf.net header.i=@sf.net header.b=ZF/dO/0J;

        dkim=fail reason="signature verification failed" (1024-bit key; 
unprotected) header.d=mail.heirich.name header.i=@mail.heirich.name 
header.b=Dgo6O7AQ


regards Peter



[Attachment #5 (text/html)]

<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Hi,</p>
    <p>because of fighting spam i modified DMARC policy to report
      failing mails.</p>
    <p>It isn't not only my system which claims wrong DKIM signatures,
      got reports about same errors from 3 other systems because of
      DMARC report policy.</p>
    <p><br>
    </p>
    <pre>Authentication-Results: austria136.server4you.de (amavisd-new);
	dkim=fail (1024-bit key) reason="fail (message has been altered)"
	header.d=sourceforge.net header.b=XZAQVe+w; dkim=fail (1024-bit key)
	reason="fail (message has been altered)" header.d=sf.net
	header.b=ZF/dO/0J; dkim=fail (1024-bit key)
	reason="fail (body has been altered)" header.d=mail.heirich.name
	header.b=Dgo6O7AQ

Of course, failing of my own DKIM signature is expected behavior.

However, the list added DKIM signatures of sf.net and sourceforge.net. And these \
signatures should fit ! They should be made after the mailing-list had done \
modifications.

Please note, that this probably isn't a incorrect setup of my systems, because i got \
DMARC reports like:</pre>  This is an authentication failure report for an email \
message  received from IP<br>
    216.105.38.7 on Wed, 14 Apr 2021 16:06:34 +0000 (UTC).<br>
    <br>
    <br>
    Feedback-Type: auth-failure<br>
    Version: 1<br>
    User-Agent: OpenDMARC-Filter/1.4.1<br>
    Auth-Failure: dmarc<br>
    Authentication-Results: prime.gushi.org; dmarc=fail
    header.from=mail.heirich.name<br>
    Original-Envelope-Id: 13EG6W3R084103<br>
    Original-Mail-From: <a class="moz-txt-link-abbreviated" \
href="mailto:fail2ban-users-bounces@lists.sourceforge.net">fail2ban-users-bounces@lists.sourceforge.net</a><br>
  Source-IP: 216.105.38.7 (lists.sourceforge.net)<br>
    Reported-Domain: mail.heirich.name<br>
    <br>
    <br>
    DKIM-Filter: OpenDKIM Filter v2.10.3 prime.gushi.org 13EG6W3R084103<br>
    Authentication-Results: prime.gushi.org;<br>
           dkim=fail reason="signature verification failed" (1024-bit key;
    unprotected) header.d=sourceforge.net <a class="moz-txt-link-abbreviated" \
href="mailto:header.i=@sourceforge.net">header.i=@sourceforge.net</a>  \
header.b=XZAQVe+w;<br>  dkim=fail reason="signature verification failed" (1024-bit \
key;  unprotected) header.d=sf.net <a class="moz-txt-link-abbreviated" \
href="mailto:header.i=@sf.net">header.i=@sf.net</a> header.b=ZF/dO/0J;<br>  <p>       \
dkim=fail reason="signature verification failed" (1024-bit  key; unprotected) \
                header.d=mail.heirich.name
      <a class="moz-txt-link-abbreviated" \
href="mailto:header.i=@mail.heirich.name">header.i=@mail.heirich.name</a> \
header.b=Dgo6O7AQ</p>  <p><br>
    </p>
    <p>regards Peter</p>
    <p><br>
    </p>
  </body>
</html>





_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic