OpenSSL error: data too large for key size

Mark Martinec Mark.Martinec+amavis at ijs.si
Mon Oct 10 18:02:20 CEST 2011


Ralf wrote:

> Sep 30 13:43:18 mail amavis[11001]: (11001-11)
> dkim: FAILED Author+Sender+MailFrom signature
> by d=galahotels.com, From: <promotions at galahotels.com>,
> a=rsa-sha1, c=simple, s=mail, i=promotions at galahotels.com, ...
> fail (OpenSSL error: data too large for key size)
> 
> and
> 
> Sep 30 14:02:00 mail amavis[17575]: (17575-10)
> dkim: FAILED Author+Sender+MailFrom signature by d=jobmensa.de,
> From: <Jobvorschlag at jobmensa.de>, a=rsa-sha256, c=relaxed/relaxed,
> s=mail, i=@jobmensa.de, invalid (public key: OpenSSL error: too long)
> 
> What are those errors?

 
Michael wrote:
> sender has a borked dkim public key.
> <http://dkimcore.org/c/keycheck>
> put in 'mail' for selector
> put in jobmensa.de for domain.


Indeed. This typically happens if a private key is associated
with a public key belonging to another key of different size.

  Mark


More information about the amavis-users mailing list