BridgeDB's DKIM validator seems to be broken
I didn't even know we were using this Python package -- it wasn't mentioned in any of the docs, nor the requirements.txt file, and not to mention it appears to be installed via the system package manager.
This seems to be the package, and these are the errors:
Traceback (most recent call last):
File "/usr/bin/dkimverify", line 40, in <module>
res = dkim.verify(message)
File "/usr/lib/python2.7/dist-packages/dkim/__init__.py", line 603, in verify
return d.verify(dnsfunc=dnsfunc)
File "/usr/lib/python2.7/dist-packages/dkim/__init__.py", line 505, in verify
validate_signature_fields(sig)
File "/usr/lib/python2.7/dist-packages/dkim/__init__.py", line 180, in validate_signature_fields
if int(sig[b'x']) < int(sig[b't']):
KeyError: 't'
and
Traceback (most recent call last):
File "/usr/bin/dkimverify", line 40, in <module>
res = dkim.verify(message)
File "/usr/lib/python2.7/dist-packages/dkim/__init__.py", line 603, in verify
return d.verify(dnsfunc=dnsfunc)
File "/usr/lib/python2.7/dist-packages/dkim/__init__.py", line 538, in verify
s = dnsfunc(name)
File "/usr/lib/python2.7/dist-packages/dkim/dnsplug.py", line 82, in get_txt
txt = _get_txt(unicode_name)
File "/usr/lib/python2.7/dist-packages/dkim/dnsplug.py", line 31, in get_txt_dnspython
a = dns.resolver.query(name, dns.rdatatype.TXT,raise_on_no_answer=False)
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 920, in query
raise_on_no_answer, source_port)
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 847, in query
timeout = self._compute_timeout(start)
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 692, in _compute_timeout
raise Timeout
dns.exception.Timeout
procmail: [11285] Thu Jun 20 13:07:45 2013
procmail: No match on "^To: yangcong@bridges.torproject.org"
procmail: Executing "formail,-I,X-DKIM-Authentication-Results: dunno"
procmail: Match on "^DKIM-Signature:"
procmail: Executing "dkimverify"
procmail: Non-zero exitcode (1) from "dkimverify"
procmail: No match on "dkimverify"
procmail: Executing "esmtp,-C,/srv/bridges.torproject.org/etc/estmprc-bridgedb-deliver,bridges@bridgedb"
procmail: Assigning "LASTFOLDER=esmtp -C /srv/bridges.torproject.org/etc/estmprc-bridgedb-deliver bridges@bridgedb"
procmail: Notified comsat: "bridgedb@:/home/bridgedb/esmtp -C /srv/bridges.torproject.org/etc/estmprc-bridgedb-deliver bridges@bridgedb"
From aagbsn@gmail.com Thu Jun 20 13:07:45 2013
Subject: get bridges
Folder: esmtp -C /srv/bridges.torproject.org/etc/estmprc-bridgedb-de 3524
procmail: [11291] Thu Jun 20 13:07:47 2013
procmail: No match on "^To: yangcong@bridges.torproject.org"
procmail: Executing "formail,-I,X-DKIM-Authentication-Results: dunno"
procmail: Match on "^DKIM-Signature:"
procmail: Executing "dkimverify"
procmail: Non-zero exitcode (1) from "dkimverify"
procmail: No match on "dkimverify"
procmail: Executing "esmtp,-C,/srv/bridges.torproject.org/etc/estmprc-bridgedb-deliver,bridges@bridgedb"
procmail: Assigning "LASTFOLDER=esmtp -C /srv/bridges.torproject.org/etc/estmprc-bridgedb-deliver bridges@bridgedb"
procmail: Notified comsat: "bridgedb@:/home/bridgedb/esmtp -C /srv/bridges.torproject.org/etc/estmprc-bridgedb-deliver bridges@bridgedb"
From aagbsn@gmail.com Thu Jun 20 13:07:47 2013
Subject: get bridges
Folder: esmtp -C /srv/bridges.torproject.org/etc/estmprc-bridgedb-de 4344
Those are old logs, but the errors are still happening.