#3018: Email messages inconsistently signed
------------------------------+-----------------------
Reporter: lnicola | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Postfix | Keywords:
------------------------------+-----------------------
- a `Welcome to the "postgis-tickets" mailing list` message I got was not
DKIM-signed
- a `[SCM] PostGIS branch master updated. 3.4.0rc1-749-g42f04a29e`
message was signed, but with a broken signature:
{{{
dkim=fail (message has been altered, 2048-bit rsa key sha256)
header.d=osgeo.org header.i=@osgeo.org header.b=HFXPb4eW
header.a=rsa-sha256 header.s=mail;
dkim=pass (2048-bit rsa key sha256) header.d=osgeo.org
header.i=@osgeo.org header.b=B8QP3oc/ header.a=rsa-sha256
header.s=mail;
}}}
- `[SAC] [OSGeo] #3013: Submission service to send formal emails (was:
Mail Submission Agent service to send formal emails)` was not signed at
all
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/3018>
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.
#3018: Email messages inconsistently signed
------------------------------+------------------------
Reporter: lnicola | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Postfix | Resolution:
Keywords: |
------------------------------+------------------------
Description changed by lnicola:
Old description:
- a `Welcome to the "postgis-tickets" mailing list` message I got was not
DKIM-signed
- a `[SCM] PostGIS branch master updated. 3.4.0rc1-749-g42f04a29e`
message was signed, but with a broken signature:
{{{
dkim=fail (message has been altered, 2048-bit rsa key sha256)
header.d=osgeo.org header.i=@osgeo.org header.b=HFXPb4eW
header.a=rsa-sha256 header.s=mail;
dkim=pass (2048-bit rsa key sha256) header.d=osgeo.org
header.i=@osgeo.org header.b=B8QP3oc/ header.a=rsa-sha256
header.s=mail;
}}}
- `[SAC] [OSGeo] #3013: Submission service to send formal emails (was:
Mail Submission Agent service to send formal emails)` was not signed at
all
New description:
- a `Welcome to the "postgis-tickets" mailing list` message I got was not
DKIM-signed
- a `[SCM] PostGIS branch master updated. 3.4.0rc1-749-g42f04a29e`
message was signed, but with a broken signature:
{{{
dkim=fail (message has been altered, 2048-bit rsa key sha256)
header.d=osgeo.org header.i=@osgeo.org header.b=HFXPb4eW
header.a=rsa-sha256 header.s=mail;
dkim=pass (2048-bit rsa key sha256) header.d=osgeo.org
header.i=@osgeo.org header.b=B8QP3oc/ header.a=rsa-sha256
header.s=mail;
}}}
- `[SAC] [OSGeo] #3013: Submission service to send formal emails (was:
Mail Submission Agent service to send formal emails)` was not signed at
all
- strk says outgoing messages are signed, not sure which ones
--
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/3018#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#3018: Email messages inconsistently signed
------------------------------+------------------------
Reporter: lnicola | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Postfix | Resolution:
Keywords: |
------------------------------+------------------------
Comment (by strk):
- The `[SCM]` message comes from tracsvn machine via a git hook. This
should go via postgis-ticket so not sure why signature is broken, can you
tell ?
- The `[SAC]` message is from sac mailing list, which is currently
modifying the message and should stop doing so, see
https://trac.osgeo.org/osgeo/ticket/3011#comment:23
- The welcome message should be coming from pickup service but I'll be
able to tell more if you provide a message-id for it
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/3018#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#3018: Email messages inconsistently signed
------------------------------+------------------------
Reporter: lnicola | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Postfix | Resolution:
Keywords: |
------------------------------+------------------------
Comment (by strk):
The opendkim configuration is now in ansible, if you want to take a look,
lnicola
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/3018#comment:3>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#3018: Email messages inconsistently signed
------------------------------+------------------------
Reporter: lnicola | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Postfix | Resolution:
Keywords: |
------------------------------+------------------------
Comment (by strk):
Maybe we could use the trac wiki to document the various ways outgoing
emails are signed, I've just received one from the new discourse service
(discourse.osgeo.org) and it is not signed at all:
{{{
dkim=none; dmarc=pass (policy=none) header.from=osgeo.org; spf=pass
(spool.mail.gandi.net: domain of
"SRS0=JIbU=HZ=discourse.osgeo.org=noreply@osgeo.org" designates
140.211.15.3 as permitted sender)
smtp.mailfrom="SRS0=JIbU=HZ=discourse.osgeo.org=noreply@osgeo.org"
}}}
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/3018#comment:4>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#3018: Email messages inconsistently signed
------------------------------+------------------------
Reporter: lnicola | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Postfix | Resolution:
Keywords: dkim, spf, dmarc |
------------------------------+------------------------
Changes (by strk):
* keywords: => dkim, spf, dmarc
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/3018#comment:5>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#3018: Email messages inconsistently signed
------------------------------+-----------------------------------------
Reporter: lnicola | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2024-III
Component: SysAdmin/Postfix | Resolution:
Keywords: dkim, spf, dmarc |
------------------------------+-----------------------------------------
Changes (by strk):
* milestone: Unplanned => Sysadmin Contract 2024-III
--
Ticket URL: <#3018 (Email messages inconsistently signed) – OSGeo;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.
#3018: Email messages inconsistently signed
------------------------------+-----------------------------------------
Reporter: lnicola | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2024-III
Component: SysAdmin/Postfix | Resolution:
Keywords: dkim, spf, dmarc |
------------------------------+-----------------------------------------
Comment (by strk):
Possibly useful ansible role: GitHub - FoxyRoles/ansible-dkim: Ansible role for opendkim with postfix on ubuntu setup
--
Ticket URL: <#3018 (Email messages inconsistently signed) – OSGeo;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.