cypht
cypht copied to clipboard
dkim body hash fails
🐛 Bugreport
Using the latest code (only one I have tried) emails sent with cypht fail dkim verification. The error is "body hash did not verify"
I think cypht (or one of its libraries) is forgetting the end of the content-type boundary. In my example I am sending as text/plain but the same happens when sending as html or markdown.
Example body of email from cypht (quotes are mine):
"--EEbummS0cqZsZ4jVahUu7l5RWlOhhkRh8dQZC7PRP7RhHV2mfCWQgsiYKPLd Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable
dkim test 25"
and here it is at a destination:
"--EEbummS0cqZsZ4jVahUu7l5RWlOhhkRh8dQZC7PRP7RhHV2mfCWQgsiYKPLd Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable
dkim test 25
--EEbummS0cqZsZ4jVahUu7l5RWlOhhkRh8dQZC7PRP7RhHV2mfCWQgsiYKPLd--"
I am debugging the issue via opendkim's /etc/opendkim.conf options:
KeepTemporaryFiles yes TemporaryDirectory /tmp/
This saves a copy of the body before and after it is sent.
My theory is that either opendkim or sendail is trying to 'fix' the missing boundary by adding the last "--EEbummS0cqZsZ4jVahUu7l5RWlOhhkRh8dQZC7PRP7RhHV2mfCWQgsiYKPLd--" which invalidates the dkim body hash.
I could be totally wrong and it could be something else. Something to do with CR/LF's, or an encoding / canonicalization issue.
Version & Environment
Rev: [10813]
OS: [cent os 7]
Steps to reproduce
- Have opendkim running and correctly configured to sign outgoing emails.
- Send any message to a gmail.com address.
- View the message on gmail and click 'show original' check the dkim status.
- Compare the message before it is mailed by cypht and the message at the destination.