On 10/30/22 6:13 PM, Jaron Kent-Dobias wrote:
On Sunday, 30 October 2022 at 17:58 (-0400), David Rosenstrauch wrote:
Anyone know why these fail messages might be happening?
FWIW, my OpenDKIM with default settings flagged your earlier email with a DKIM fail, but passed this one. The failure mechanism on the first email was "signature verification failed". I'm no DKIM expert, but perhaps there was a DNS resolution problem at that time and the key was inaccessible?
Hmmm .... that's really weird that the 1st msg failed but the 2nd passed. And this part in particular makes no sense to me:
Relevant part of received headers follows:
From your earlier email:
Authentication-Results: mail.kent-dobias.com; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=darose.net header.i=@darose.net header.a=rsa-sha256 header.s=dreamhost header.b=UaDsk2dh Authentication-Results: mail.kent-dobias.com; dmarc=fail (p=none dis=none) header.from=darose.net Authentication-Results: mail.kent-dobias.com; spf=pass smtp.mailfrom=lists.archlinux.org Authentication-Results: lists.archlinux.org; dkim=pass header.d=darose.net header.s=dreamhost header.b=UaDsk2dh; dmarc=pass (policy=none) header.from=darose.net; spf=pass (lists.archlinux.org: domain of darose@darose.net designates 23.83.214.25 as permitted sender) smtp.mailfrom=darose@darose.net; arc=pass ("mailchannels.net:s=arc-2022:i=1")
So on the 1st msg, Arch's mailman was able to verify my DKIM record, but your OpenDKIM was not. And presumably these were only a few minutes apart from each other. (Possibly even seconds apart.) I guess it's working now, so all's well that ends well? But still really weird. Thanks, DR