Hello everyone,
I'm experiencing an issue with the DKIM signature on my mail server and would appreciate any help or advice. Below are the details of the problem.
ruby
Copiar código
DKIM Information:
DKIM Signature
Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cabaech.pe;
s=x; h=Content-Type:MIME-Version:Message-IDate:Subject:To:From:Sender:
Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=Jwy+68j5gYvF9nJja310RpiWo+719YpsgD5cySZBuq4=; b=KXR1mkslg6k1GW2ygLs5WxDpKI
AXetx3OdmBi5+6H8QmU7C/pCMigl9iqJdvwlr3gWQriFD/86uu3Tt1cCiBd3fj3RfJFD9ogrAHlel
2cKVrcqJ0ilfpUL49YdOxGGB8I9E5OcObal3Yo5CjH9Idc0QzDQNmuuYCJeeRTiMIuXYtsG5vmbtY
UTFV/IGrzFQs3+YrdEUpOpWxOnkSAbbgADisN8XXkK1pr53qt0I0jHC9nJWWLQ8jC5izzFPi9D51L
/k1+5jhm7uOzW0TCtNS+GNTPy7aCQuJNTDevvW0GRqFnxiAmkiV7GnSE+CUG9MmqJVN1EJmIGZyAD
UxEp/tPA==;
Signature Information:
v= Version: 1
a= Algorithm: rsa-sha256
c= Method: relaxed/relaxed
d= Domain: cabaech.pe
s= Selector: x
q= Protocol: dns/txt
bh= Jwy+68j5gYvF9nJja310RpiWo+719YpsgD5cySZBuq4=
h= Signed Headers: Content-Type:MIME-Version:Message-IDate:Subject:To:From:Sender:
Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive
b= Data: KXR1mkslg6k1GW2ygLs5WxDpKI
AXetx3OdmBi5+6H8QmU7C/pCMigl9iqJdvwlr3gWQriFD/86uu3Tt1cCiBd3fj3RfJFD9ogrAHlel
2cKVrcqJ0ilfpUL49YdOxGGB8I9E5OcObal3Yo5CjH9Idc0QzDQNmuuYCJeeRTiMIuXYtsG5vmbtY
UTFV/IGrzFQs3+YrdEUpOpWxOnkSAbbgADisN8XXkK1pr53qt0I0jHC9nJWWLQ8jC5izzFPi9D51L
/k1+5jhm7uOzW0TCtNS+GNTPy7aCQuJNTDevvW0GRqFnxiAmkiV7GnSE+CUG9MmqJVN1EJmIGZyAD
UxEp/tPA==
Public Key DNS Lookup
Building DNS Query for x._domainkey.cabaech.pe
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFp/TScQLd94HnvzX6cPPmB6HsyGJahqdw89gP9pf4cCop/gPsiM+OawugdpE5BczM33ZMeHMMWpZUO8hqO5srtpq0U0QMgVz63wa+xhVj8giFnB48vInyhtmA+h92qwUcPRYGCdUVAOERdbcLdmQytH412ZoJb9pkPMuzxo8FDxd3a6b2IfTq3vUyZdYB/8slYk/ZlWbaCs6WcWXVMxlbBuuiwuaZ4IW4ckXovpm8+ngt3BEBoK4N/PYb1lOOrBTakTF8s/E4OLqLYpfxcGcqtyJrFk+JXreesnY1bc3YoQu2WIRNLDbBlwy5d7invLDJVyOLHkAj5ZQ06D8S8O2QIDAQAB
Validating Signature
result = fail
Details: bad RSA signature
Best regards,
I'm experiencing an issue with the DKIM signature on my mail server and would appreciate any help or advice. Below are the details of the problem.
Problem Details:
When reviewing the headers of my emails, I encounter the following DKIM signature information:ruby
Copiar código
DKIM Information:
DKIM Signature
Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cabaech.pe;
s=x; h=Content-Type:MIME-Version:Message-IDate:Subject:To:From:Sender:
Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=Jwy+68j5gYvF9nJja310RpiWo+719YpsgD5cySZBuq4=; b=KXR1mkslg6k1GW2ygLs5WxDpKI
AXetx3OdmBi5+6H8QmU7C/pCMigl9iqJdvwlr3gWQriFD/86uu3Tt1cCiBd3fj3RfJFD9ogrAHlel
2cKVrcqJ0ilfpUL49YdOxGGB8I9E5OcObal3Yo5CjH9Idc0QzDQNmuuYCJeeRTiMIuXYtsG5vmbtY
UTFV/IGrzFQs3+YrdEUpOpWxOnkSAbbgADisN8XXkK1pr53qt0I0jHC9nJWWLQ8jC5izzFPi9D51L
/k1+5jhm7uOzW0TCtNS+GNTPy7aCQuJNTDevvW0GRqFnxiAmkiV7GnSE+CUG9MmqJVN1EJmIGZyAD
UxEp/tPA==;
Signature Information:
v= Version: 1
a= Algorithm: rsa-sha256
c= Method: relaxed/relaxed
d= Domain: cabaech.pe
s= Selector: x
q= Protocol: dns/txt
bh= Jwy+68j5gYvF9nJja310RpiWo+719YpsgD5cySZBuq4=
h= Signed Headers: Content-Type:MIME-Version:Message-IDate:Subject:To:From:Sender:
Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive
b= Data: KXR1mkslg6k1GW2ygLs5WxDpKI
AXetx3OdmBi5+6H8QmU7C/pCMigl9iqJdvwlr3gWQriFD/86uu3Tt1cCiBd3fj3RfJFD9ogrAHlel
2cKVrcqJ0ilfpUL49YdOxGGB8I9E5OcObal3Yo5CjH9Idc0QzDQNmuuYCJeeRTiMIuXYtsG5vmbtY
UTFV/IGrzFQs3+YrdEUpOpWxOnkSAbbgADisN8XXkK1pr53qt0I0jHC9nJWWLQ8jC5izzFPi9D51L
/k1+5jhm7uOzW0TCtNS+GNTPy7aCQuJNTDevvW0GRqFnxiAmkiV7GnSE+CUG9MmqJVN1EJmIGZyAD
UxEp/tPA==
Public Key DNS Lookup
Building DNS Query for x._domainkey.cabaech.pe
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFp/TScQLd94HnvzX6cPPmB6HsyGJahqdw89gP9pf4cCop/gPsiM+OawugdpE5BczM33ZMeHMMWpZUO8hqO5srtpq0U0QMgVz63wa+xhVj8giFnB48vInyhtmA+h92qwUcPRYGCdUVAOERdbcLdmQytH412ZoJb9pkPMuzxo8FDxd3a6b2IfTq3vUyZdYB/8slYk/ZlWbaCs6WcWXVMxlbBuuiwuaZ4IW4ckXovpm8+ngt3BEBoK4N/PYb1lOOrBTakTF8s/E4OLqLYpfxcGcqtyJrFk+JXreesnY1bc3YoQu2WIRNLDbBlwy5d7invLDJVyOLHkAj5ZQ06D8S8O2QIDAQAB
Validating Signature
result = fail
Details: bad RSA signature
Actions Taken So Far:
- DNS Lookup:
- I verified the DNS record for x._domainkey.cabaech.pe and retrieved the correct public key:
bash
Copiar código
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFp/TScQLd94HnvzX6cPPmB6HsyGJahqdw89gP9pf4cCop/gPsiM+OawugdpE5BczM33ZMeHMMWpZUO8hqO5srtpq0U0QMgVz63wa+xhVj8giFnB48vInyhtmA+h92qwUcPRYGCdUVAOERdbcLdmQytH412ZoJb9pkPMuzxo8FDxd3a6b2IfTq3vUyZdYB/8slYk/ZlWbaCs6WcWXVMxlbBuuiwuaZ4IW4ckXovpm8+ngt3BEBoK4N/PYb1lOOrBTakTF8s/E4OLqLYpfxcGcqtyJrFk+JXreesnY1bc3YoQu2WIRNLDbBlwy5d7invLDJVyOLHkAj5ZQ06D8S8O2QIDAQAB
- I verified the DNS record for x._domainkey.cabaech.pe and retrieved the correct public key:
- Configuration Review:
- I have reviewed the mail server configuration and ensured that the private key being used corresponds to the public key published.
- Message Integrity:
- I checked that the message body is not being modified after signing.
Problem:
The DKIM signature validation continues to fail with the result: fail - bad RSA signature.Question:
- Has anyone experienced similar issues and can offer guidance on how to resolve a failed DKIM signature due to a "bad RSA signature"?
- Are there additional steps I should take to diagnose and resolve this issue?
Best regards,