n1kt0
July 10, 2020, 1:08pm
1
Hello.
Maybe I don’t understand something.
192.168.6.1 - Mikrotik RB760iGS
routerboard
package 6.47
dig mail2._domainkey.mail.ru TXT @192.168.6.1
;; ANSWER SECTION:
mail2._domainkey.mail.ru. 429 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN"
dig mail2._domainkey.mail.ru TXT @8.8.8.8
;; ANSWER SECTION:
mail2._domainkey.mail.ru. 284 IN TXT "v=DKIM1\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN" "ADCBiQKBgQC8msGcERt9i1AqEs6Dl5n0btBDj4W3IjzNg1xA" "ExTn1Wb7wjRk9ed8oJ6Xnxn2jSYwbt3G65lW8LK/8vVdx2ar" "FexHgKmOXT5RKIeiYFkHmLEtycrRkyJHr6n7rsjwlFSayXnx" "rM0xbum3oHXgNJUI1XQXJNoQPmAXoMCbi2yB7QIDAQAB"
Is it normal that the answers are different?
Sob
July 10, 2020, 2:03pm
2
No. And there’s definitely something weird. This exact query works fine with older RouterOS versions. I don’t have 6.47 anymore, but with 6.47.1 and 6.48beta it fails completely. Packet sniffer shows that RouterOS sends query to upstream resolver, but ignores received answer and reports server failure to client.
n1kt0
July 10, 2020, 3:26pm
3
Hello.
Yes, I updated the firmware a week ago and found that my mail server began sending letters from mail.ru to spam.
X-Spam-Status: Yes, score=9.811 required=4 tests=[BAYES_00=-1.9,DMARC_FAIL_REJECT=9 ,
Authentication-Results: mail.test.com (amavisd-new); dkim=neutralreason=“invalid (public key: OpenSSL error: too long)” header.d=mail.ru
I reconfigured the mail server to public DNS and everything began to work correctly.
It is strange that no one else has discovered such a situation.
Sob
July 10, 2020, 3:58pm
4
It’s a bug. I reported it in 6.48beta thread , so it should get noticed and hopefully fixed soon.