DKIM issues on amavisd-new-2.8.0 (20120630)

Mark Martinec Mark.Martinec+amavis at ijs.si
Sat Jun 21 02:11:16 CEST 2014


Andrei,

> I'm running amavisd-new-2.8.0 (20120630) on 9.1-RELEASE-p14 with perl
> v5.16.3. I am using amavisd-new for mail filtering and DKIM
> signatures. I have setup 4 domains with 4 different keys a while ago.
> Today when I went back to that mail server and issued "amavisd
> testkeys" I get one pass and three errors:
> 
> TESTING#1: a._domainkey.domain1.com     => pass
> TESTING#2: b._domainkey.domain2.com        => invalid (public key:
> Insecure dependency in connect while running with -T switch at
> /usr/local/lib/perl5/5.16/mach/IO/Socket.pm line 115. at
> /usr/local/lib/perl5/site_perl/5.16/Mail/DKIM/DNS.pm line 156.)
> TESTING#3: a._domainkey.domain3.com            => invalid (public key:
> Insecure dependency in connect while running with -T switch at
> /usr/local/lib/perl5/5.16/mach/IO/Socket.pm line 115. at
> /usr/local/lib/perl5/site_perl/5.16/Mail/DKIM/DNS.pm line 156.)
> TESTING#4: a._domainkey.domain4.com           => invalid (public key:
> Insecure dependency in connect while running with -T switch at
> /usr/local/lib/perl5/5.16/mach/IO/Socket.pm line 115. at
> /usr/local/lib/perl5/site_perl/5.16/Mail/DKIM/DNS.pm line 156.)
> 
> I haven't changed anything in DNS or keys, I rechecked the permissions
> to the key files, all seems ok. I know I ran "testkeys" when I set
> them up and they showed up ok. Anyone has any idea what might go wrong
> here?

Bug in Net::DNS when a returned DNS record is truncated (TC flag)
and a fallback to a TCP query is attempted:

   https://rt.cpan.org/Public/Bug/Display.html?id=96608


Mark


More information about the amavis-users mailing list