Gmail (thus Nanog) rejecting ipv6 email

Bjørn Mork bjorn at mork.no
Sun Apr 3 19:12:07 UTC 2022


On a slightly related subject... This DKIM failure surprised me, but at
least I verified that many NANOG subscribers have mailservers returning
DMARC failure reports ;-)

Bjørn Mork <bjorn at mork.no> writes:

> Authentication-Results: mx.google.com;
>  dkim=fail [email protected] header.s=b header.b=NB0BT8Ez;
>  spf=pass (google.com: best guess record for domain of bjorn at miraculix.mork.no
>  designates 2001:41c8:51:8a:feff:ff:fe00:e5 as permitted sender)
>  smtp.mailfrom=bjorn at miraculix.mork.no; 
>  dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=mork.no
> Received: from canardo.dyn.mork.no ([IPv6:2a01:799:c9f:8600:0:0:0:1])
>  (authenticated bits=0)
>  by louie.mork.no (8.15.2/8.15.2) with ESMTPSA id 233IGnGC342047
>  (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK);
>  Sun, 3 Apr 2022 19:16:50 +0100
> Received: from miraculix.mork.no ([IPv6:2a01:799:c9f:8602:8cd5:a7b0:d07:d516])
>  (authenticated bits=0)
>  by canardo.dyn.mork.no (8.15.2/8.15.2) with ESMTPSA id 233IGnKb1147676
>  (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK);
>  Sun, 3 Apr 2022 20:16:49 +0200
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mork.no; s=b;
>  t=1649009809; bh=ZByFGHIiZPQYmJjQnCv16CXFZhKG8U3fTayR+Mx3piY=;
>  h=From:To:Cc:Subject:References:Date:Message-ID:From;
>  b=NB0BT8EzJBl2E3jzDaz7QY4C/utMGKFF+HCs8qjQFoHA4JHTD21ZkTk34jp2VOiJ0
>  pYWHUNXCNaEBK44Hr4U96h5pfXor+dqo0cSuRPTLNnRsoLAQg2kqmQkvylagdeezZc
>  4p+jQEQv5La2KbjzEIvW6iSGwwe4ltT9hu7h0H8U=
> Received: (nullmailer pid 389787 invoked by uid 1000);
>  Sun, 03 Apr 2022 18:16:48 -0000
> From: =?utf-8?Q?Bj=C3=B8rn_Mork?= <bjorn at mork.no>
> To: Randy Bush <randy at psg.com>
> Cc: John Levine <johnl at iecc.com>,
>         "North American Network Operators' Group" <nanog at nanog.org>
> Subject: Re: Gmail (thus Nanog) rejecting ipv6 email
> Organization: m
> References: <875ynqcvsl.fsf at miraculix.mork.no>
>  <20220403164123.4CE413A4B99C at ary.qy> <m28rsmjbu9.wl-randy at psg.com>
> Date: Sun, 03 Apr 2022 20:16:48 +0200
> In-Reply-To: <m28rsmjbu9.wl-randy at psg.com> (Randy Bush's message of "Sun, 03
>  Apr 2022 10:50:06 -0700")
> Message-ID: <87v8vqav73.fsf at miraculix.mork.no>


Did a little testing, and it looks like opendkim create a bogus
signature if a quoted-string diplay name in a To or Cc headers contains
an apostrophe. Not good at all.


Bjørn


More information about the NANOG mailing list