Closed PaulMcF1987 closed 1 year ago
Thanks for the report an the log, but could you please make sure you get it from the Error console?
My guess is that you are using the JavaScript DNS resolver. But the log is missing the entities from it (log messages that contain DKIM_Verifier.JSDNS
)
@lieser I looked at the error console but it didnt seem to give much info
This is what I get
A different message is clicked background.js:28:17
Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. contentAreaClick.js:97:6
contentscript: set content-script.js:94:15
contentscript: MUA info content-script.js:94:15
In content script, enmty.png content-script.js:111:21
WebExtensions: JSDNS failed with: Incomplete response from 1.1.1.1. jsdns.js:99
DKIM_Verifier.Verifier ERROR Internal error during DKIM verification:
@lieser any recommendations? Im confused as to how it works on the laptop but not the desktop, the settings appear identical, it just suddenly stopped working
In the error console you should also see messages like the following:
DKIM_Verifier.JSDNS: changed DNS Servers to <...>
DKIM_Verifier.JSDNS: Resolving <...> TXT by querying <...>
Please make sure you have enabled all log categories at the top of the Error Console window.
Also which Thunderbird version are you using?
In the new log an actual error (SDNS failed with: Incomplete response from 1.1.1.1.
) now shows up, so that is already something.
The error means that from the look of the add-on the connection to the DNS server is closed before all data is received.
Why this is happening I have no idea. Could be some weird network problem, or some bug in the addon.
To investigate this I would need a lot more information. Either by getting a capture of the network traffic to the DNS server or with a custom debug build that prints all received data. But that would require the logging to work for you in the first place.
Let me know if you would be willing to do some extended debugging here.
As a workaround, if you haven't already done it, you should try using the libunbound resolver.
@lieser I dont think the process makes it far enough to give the errors you mentioned above.
The only mentioning of DKIMVerifier is
WebExtensions: JSDNS failed with: Incomplete response from 1.1.1.1. jsdns.js:99
DKIM_Verifier.Verifier ERROR Internal error during DKIM verification: <unavailable> verifier.mjs.js:1349:8
_handleException moz-extension://6c4252a4-2bee-478f-b833-ce0c10193961/modules/dkim/verifier.mjs.js:1349
_processSignatures moz-extension://6c4252a4-2bee-478f-b833-ce0c10193961/modules/dkim/verifier.mjs.js:1394
I have attached a screenshot showing the same
Ive never used libunbound and am not sure what is required (it mentions installing a library etc, Id imagine I would need to keep this up to date?)
I am happy to help with debugging if there is any other information I can get for you?
I created a version which captures and logs the complete DNS response. Look for dataAll
in the log messages and post it here as text.
dkim_verifier@pl-2023-06-03-1c214fc.zip
Can you please tell which Thunderbird version you are using? You probably missed that I asked for it.
I also included some log test
and console test
log messages. Do you see any of them?
And I assume you already enabled the logging in the advanced settings, but can you please double check that it is enabled?
Please also check that you have enabled Show Content Messages
in the gear icon on the top right.
I would have expected a lot more messages to be shown in the screenshot you posted.
Ive never used libunbound and am not sure what is required (it mentions installing a library etc, Id imagine I would need to keep this up to date?)
Yes if you are on Windows and not Linux you would have to unfortunately update libunbound manually. More information about libunbound is available in the wiki https://github.com/lieser/dkim_verifier/wiki/DNS#libunbound.
@lieser Sorry, I am using Thunderbird version 102.12.0, I think thats the latest version. How do I install the file you have added above? Ive never done a manual install on Thunderbird
Just open the Add-on manager and drag the downloaded zip file into it. Thunderbird should then ask you if you want to install it. See also https://support.mozilla.org/en-US/kb/installing-addon-thunderbird#w_a-slightly-less-ideal-case-install-from-a-downloaded-xpi-file.
@lieser Do I need to remove the old extension first?
@lieser Do I need to remove the old extension first?
No should not be needed, even if it is a downgrade (in case you already updated to 5.3.1/5.3.1).
@lieser after adding the zip file above, the DKIM verifier is working again
Strange there should be no relevant change between 5.2.0 and the test version I posted.
Can you please report which of the test log messages you saw?
And afterwards please try the newest released 5.3.1 version. If that works I don't think this is worth further investigating and I will just close it.
@lieser Strange, Ive come back into the office today and the extension is no longer added so I am unable to check any logs asociated with it. I have added the updated addon and its back to giving the error
I have readded the extension form the zip file you provided but this time its giving an error. Strange how it worked yesderday.
Please provide the already requested information (https://github.com/lieser/dkim_verifier/issues/366#issuecomment-1574969871) the provided extension additionally provides. Without it there is no further Investigating I can do.
@lieser where do i find this info?
In the error console, I especially used the same logging as with the WebExtensions: JSDNS failed with: Incomplete response
you did see before.
If you still have all this problems with the log messages maybe also try to test with a new clean Thunderbird profile. Something seems to be messed up with your installation.
@lieser the DKIM extension that you provided has disappeared again. It seems to keep removing itself from thunderbird.
DKIM_Verifier.Verifier DEBUG 1 DKIM-Signatures found. verifier.mjs.js:1467:8 DKIM_Verifier.Verifier DEBUG Verifying DKIM-Signature 1 ... verifier.mjs.js:1482:9 DKIM_Verifier.Verifier DEBUG Parsed DKIM-Signature 1: Object { original_header: "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sendgrid.net;\r\n\th=content-transfer-encoding:content-type:from:mime-version:subject:to:\r\n\tcc:content-type:from:subject:to;\r\n\ts=smtpapi; bh=ub3YInutBotKovQzr/yiFMfDCR7DhRHjC2mSbrOyLYE=;\r\n\tb=Ed8wuEKxqqFwBJ6x1eeuz5OLfC05bqTnOLoan8T7MonQNjBlnQfLQAZ4rgE6qOTTG4cu\r\n\t1CbQyBLQm4VOw0VlMZRjY6+dAX3MEU4ths10SmLVasIRRdoPhMQMkUOEfRy0GPC3RVUNE5\r\n\tNWvo0gxkaqg1fhycyTGD3568kG7Q18+ug=\r\n", v: "1", a_sig: "rsa", a_hash: "sha256", b: "Ed8wuEKxqqFwBJ6x1eeuz5OLfC05bqTnOLoan8T7MonQNjBlnQfLQAZ4rgE6qOTTG4cu1CbQyBLQm4VOw0VlMZRjY6+dAX3MEU4ths10SmLVasIRRdoPhMQMkUOEfRy0GPC3RVUNE5NWvo0gxkaqg1fhycyTGD3568kG7Q18+ug=", b_folded: "Ed8wuEKxqqFwBJ6x1eeuz5OLfC05bqTnOLoan8T7MonQNjBlnQfLQAZ4rgE6qOTTG4cu\r\n\t1CbQyBLQm4VOw0VlMZRjY6+dAX3MEU4ths10SmLVasIRRdoPhMQMkUOEfRy0GPC3RVUNE5\r\n\tNWvo0gxkaqg1fhycyTGD3568kG7Q18+ug=", bh: "ub3YInutBotKovQzr/yiFMfDCR7DhRHjC2mSbrOyLYE=", c_header: "relaxed", c_body: "relaxed", d: "sendgrid.net", … } verifier.mjs.js:1484:9 DKIM_Verifier.Verifier DEBUG Warning: DKIM_SIGWARNING_FROM_NOT_IN_SDID verifier.mjs.js:1073:8 DKIM_Verifier.Verifier DEBUG computed body hash: ub3YInutBotKovQzr/yiFMfDCR7DhRHjC2mSbrOyLYE= verifier.mjs.js:1233:7 DKIM_Verifier.KeyStore DEBUG dns result Object { data: null, rcode: 2, secure: false, bogus: false } keyStore.mjs.js:369:7 DKIM_Verifier.KeyStore INFO DNS query failed with result: Object { data: null, rcode: 2, secure: false, bogus: false } keyStore.mjs.js:375:8 DKIM_Verifier.Verifier ERROR Internal error during DKIM verification: DKIM_InternalError: DKIM_DNSERROR_SERVER_ERROR
fetchKey moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/keyStore.mjs.js:328
#fetchKey moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1251
verify moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1377
#processSignatures moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1486
promise moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1535
verify moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1539
verify moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/authVerifier.mjs.js:182
verifyMessage moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/content/background.mjs.js:82
<anonymous> moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/content/background.mjs.js:188
verifier.mjs.js:1445:8
DKIM_Verifier.Verifier DEBUG Exception on DKIM-Signature 1 verifier.mjs.js:1490:9
DKIM_Verifier.AuthVerifier DEBUG authResult:
Object { version: "2.1", dkim: (1) […] }
authVerifier.mjs.js:198:7
DKIM_Verifier.Verifier DEBUG 1 DKIM-Signatures found. verifier.mjs.js:1467:8
DKIM_Verifier.Verifier DEBUG Verifying DKIM-Signature 1 ... verifier.mjs.js:1482:9
DKIM_Verifier.Verifier DEBUG Parsed DKIM-Signature 1:
Object { original_header: "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\r\n d=dorsuite.onmicrosoft.com; s=selector2-dorsuite-onmicrosoft-com;\r\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;\r\n bh=p9P4kxij+LHKHkORpHR/ZarX2yTM8CYGi7aZvwQRFb8=;\r\n b=C2KuYfIG2epIIrRrTJJ9+RQc/3xJba0g9TkiXtOLmaql0IiXd6xE469i37vcReYxtsWqaeocPrgZ5cxlnbBJ9QtiDZPFRY1w/DoOZRJgQfx1NNx7KLiGTSqVSSmKYp5sQewxD00Zvl0A96xXa1VEyZ6gTa9IT5tdB6oGWOY8Uw8=\r\n", v: "1", a_sig: "rsa", a_hash: "sha256", b: "C2KuYfIG2epIIrRrTJJ9+RQc/3xJba0g9TkiXtOLmaql0IiXd6xE469i37vcReYxtsWqaeocPrgZ5cxlnbBJ9QtiDZPFRY1w/DoOZRJgQfx1NNx7KLiGTSqVSSmKYp5sQewxD00Zvl0A96xXa1VEyZ6gTa9IT5tdB6oGWOY8Uw8=", b_folded: "C2KuYfIG2epIIrRrTJJ9+RQc/3xJba0g9TkiXtOLmaql0IiXd6xE469i37vcReYxtsWqaeocPrgZ5cxlnbBJ9QtiDZPFRY1w/DoOZRJgQfx1NNx7KLiGTSqVSSmKYp5sQewxD00Zvl0A96xXa1VEyZ6gTa9IT5tdB6oGWOY8Uw8=", bh: "p9P4kxij+LHKHkORpHR/ZarX2yTM8CYGi7aZvwQRFb8=", c_header: "relaxed", c_body: "relaxed", d: "dorsuite.onmicrosoft.com", … }
verifier.mjs.js:1484:9
DKIM_Verifier.Verifier DEBUG Warning: DKIM_SIGWARNING_FROM_NOT_IN_SDID verifier.mjs.js:1073:8
DKIM_Verifier.Verifier DEBUG computed body hash: p9P4kxij+LHKHkORpHR/ZarX2yTM8CYGi7aZvwQRFb8= verifier.mjs.js:1233:7
DKIM_Verifier.KeyStore DEBUG dns result
Object { data: null, rcode: 2, secure: false, bogus: false }
keyStore.mjs.js:369:7
DKIM_Verifier.KeyStore INFO DNS query failed with result:
Object { data: null, rcode: 2, secure: false, bogus: false }
keyStore.mjs.js:375:8
DKIM_Verifier.Verifier ERROR Internal error during DKIM verification: DKIM_InternalError: DKIM_DNSERROR_SERVER_ERROR
fetchKey moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/keyStore.mjs.js:328
#fetchKey moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1251
verify moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1377
#processSignatures moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1486
promise moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1535
verify moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/dkim/verifier.mjs.js:1539
verify moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/modules/authVerifier.mjs.js:182
verifyMessage moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/content/background.mjs.js:82
<anonymous> moz-extension://2cbfd8f4-c9ac-4e58-84ce-bc4bb504364d/content/background.mjs.js:188
verifier.mjs.js:1445:8
DKIM_Verifier.Verifier DEBUG Exception on DKIM-Signature 1 verifier.mjs.js:1490:9
DKIM_Verifier.AuthVerifier DEBUG authResult:
Object { version: "2.1", dkim: (1) […] }
authVerifier.mjs.js:198:7
Is the above what you need?
No the important logs with the dataAll
part are missing. Note that I will not be able to further work on this the next days.
@lieser Where do i get this info from? The attached pic shows where I am getting the current info from
Just saw you last screenshot, and that does not look at all like the Error Console I asked you to open. It looks like you are looking at the console of the debugging view of the add-on, which does not show log the relevant messages of the experiments.
Please use the Error Console for any further debugging of this issue.
See https://github.com/lieser/dkim_verifier/wiki/Debug#view-error-and-debug-messages for a description on how to open it.
@lieser is there a recommended way to export the details? What I have managed to extract is
This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”. {538b5b6b-b715-4904-8c18-1dcbb0289ee8}
This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”. blank
A different message is clicked background.js:28:17
This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”. fetch>UID>.INBOX>33446
Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. contentAreaClick.js:97:6
DKIM_Verifier.Verifier DEBUG 1 DKIM-Signatures found. verifier.mjs.js:1467:8
DKIM_Verifier.Verifier DEBUG Verifying DKIM-Signature 1 ... verifier.mjs.js:1482:9
DKIM_Verifier.Verifier DEBUG Parsed DKIM-Signature 1:
Object { original_header: "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fab24.onmicrosoft.com;\r\n s=selector1-fab24-onmicrosoft-com;\r\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;\r\n bh=Iw9tWvI/YHoTLD5/U7ZreyMP50QPR34tyO+EERVKZXM=;\r\n b=urLaBy4TTOxDTdpxGjU2F270jk3m2Jj+j4Phjbvlxr72ZltKSZDQtWu9ohKWZINePh5LpH6q20xP9J88mb4OtmK9Ho6bfAgBO0ZkmWqzi3nbWBSAufwq8RG8UhjUsSU1aigA54IlVyszy+vC8+i5UiKSfcTjjFNW17ScNfIyJm8=\r\n", v: "1", a_sig: "rsa", a_hash: "sha256", b: "urLaBy4TTOxDTdpxGjU2F270jk3m2Jj+j4Phjbvlxr72ZltKSZDQtWu9ohKWZINePh5LpH6q20xP9J88mb4OtmK9Ho6bfAgBO0ZkmWqzi3nbWBSAufwq8RG8UhjUsSU1aigA54IlVyszy+vC8+i5UiKSfcTjjFNW17ScNfIyJm8=", b_folded: "urLaBy4TTOxDTdpxGjU2F270jk3m2Jj+j4Phjbvlxr72ZltKSZDQtWu9ohKWZINePh5LpH6q20xP9J88mb4OtmK9Ho6bfAgBO0ZkmWqzi3nbWBSAufwq8RG8UhjUsSU1aigA54IlVyszy+vC8+i5UiKSfcTjjFNW17ScNfIyJm8=", bh: "Iw9tWvI/YHoTLD5/U7ZreyMP50QPR34tyO+EERVKZXM=", c_header: "relaxed", c_body: "relaxed", d: "fab24.onmicrosoft.com", … }
verifier.mjs.js:1484:9
DKIM_Verifier.Verifier DEBUG Warning: DKIM_SIGWARNING_FROM_NOT_IN_SDID verifier.mjs.js:1073:8
DKIM_Verifier.Verifier DEBUG computed body hash: Iw9tWvI/YHoTLD5/U7ZreyMP50QPR34tyO+EERVKZXM= verifier.mjs.js:1233:7
DKIM_Verifier.JSDNS: No DNS Server alive. JSDNS.jsm.js:401:7
DKIM_Verifier.JSDNS: Found interfaces:
Array(11) [ {…}, {…}, {…}, {…}, {…}, {…}, {…}, {…}, {…}, {…}, … ]
JSDNS.jsm.js:279:8
DKIM_Verifier.JSDNS: Got servers from Windows registry:
Array(6) [ {…}, {…}, {…}, {…}, {…}, {…} ]
JSDNS.jsm.js:310:9
DKIM_Verifier.JSDNS: Changed DNS Servers to:
Array(4) [ {…}, {…}, {…}, {…} ]
JSDNS.jsm.js:186:6
DKIM_Verifier.JSDNS: Resolving selector1-fab24-onmicrosoft-com._domainkey.fab24.onmicrosoft.com TXT by querying 1.1.1.1 JSDNS.jsm.js:439:6
DKIM_Verifier.JSDNS: Resolving selector1-fab24-onmicrosoft-com._domainkey.fab24.onmicrosoft.com/TXT: DNS server 1.1.1.1 timed out on a TCP connection. JSDNS.jsm.js:498:10
DKIM_Verifier.JSDNS: Resolving selector1-fab24-onmicrosoft-com._domainkey.fab24.onmicrosoft.com TXT by querying 1.0.0.1 JSDNS.jsm.js:439:6
contentscript: set content-script.js:94:15
contentscript: MUA info content-script.js:94:15
DKIM_Verifier.JSDNS: Resolving selector1-fab24-onmicrosoft-com._domainkey.fab24.onmicrosoft.com/TXT: DNS server 1.0.0.1 timed out on a TCP connection. JSDNS.jsm.js:498:10
DKIM_Verifier.JSDNS: Resolving selector1-fab24-onmicrosoft-com._domainkey.fab24.onmicrosoft.com TXT by querying 198.51.100.1 JSDNS.jsm.js:439:6
DKIM_Verifier.JSDNS: Resolving selector1-fab24-onmicrosoft-com._domainkey.fab24.onmicrosoft.com/TXT: DNS server 198.51.100.1 timed out on a TCP connection (NS_ERROR_NET_TIMEOUT). JSDNS.jsm.js:503:10
DKIM_Verifier.JSDNS: Resolving selector1-fab24-onmicrosoft-com._domainkey.fab24.onmicrosoft.com TXT by querying 8.8.8.8 JSDNS.jsm.js:439:6
DKIM_Verifier.JSDNS: Resolving selector1-fab24-onmicrosoft-com._domainkey.fab24.onmicrosoft.com/TXT: DNS server 8.8.8.8 timed out on a TCP connection. JSDNS.jsm.js:498:10
WebExtensions: JSDNS failed with: no DNS Server alive jsdns.js:81
DKIM_Verifier.Verifier ERROR Internal error during DKIM verification:
Object { version: "2.1", dkim: (1) […] }
authVerifier.mjs.js:198:7
Expected 'none', URL, or filter function but found 'alpha('. Error in parsing value for 'filter'. Declaration dropped. index.html:3:94
If you look at the log you can see all connection attempts to the DNS servers resulted in DNS server x.x.x.x timed out on a TCP connection. So it seems to be a network problem on your site.
As you wrote about this occurring while you are in the office, you could talk with your IT about if direct internet access to e.g. 8.8.8.8
. Or if there is an internal DNS server you can use. Note that the JavaScript DNS library also supports setting a proxy server if it is required in your network.
is there a recommended way to export the details?
Sadly I don't know of a better way than to just copy out the text.
@lieser The confusing thing is... If there is a network problem at my side, why would it only effect the DKIM verifier? I havent noticed anything else being effected, everything else works fine.
Is there a particular method applied by the Verifier that the networks security might not like?
It could be that other Programs you use read the proxy settings that can be set in Windows and use it. or if they are managed by your IT they did some special configuration for it.
What the add-on does is just doing normal TCP connections. Maybe not that common for connecting to DNS servers but something that should work unless blocked.
Unfortunately I don't think there is much more I can help out here until you find out what is going on in the network at your office.
@lieser I am in an office block and the internet connection is provided by the landlord, I would imagine that he then has a 3rd party outsourced company managing it.
The fact that everything else works as it is supposed to, I dont think I could justify asking him to check this issue as its not a massive issue in the grand scheme of things.
What I might do, is bring my laptop to the office, I know the verifier works on my laptop in the house, so it would be interesting to compare
Also, are there any settings that I can check on Windows? Incase a recent update has had an effect
Just a wild guess: Maybe access to external DNS is restricted and you need to use an internal DNS server at your office?
Check to use the operating servers DNS servers in DKIM Verifier or open a PowerShell and enter Get-DnsClientServerAddress | Select InterfaceAlias,ServerAddresses
to see, which DNS servers are used by your operating system.
@PaulMcF1987 What you could try to further investigate the issue is if the DNS servers tried by the addon are reachable from Windows using it's internal tools.
Run the following 9 command in the Windows Command Prompt (cmd):
:: Try a normal ping.
ping 1.1.1.1
ping 1.0.0.1
ping 8.8.8.8
ping 198.51.100.1
:: Try DNS query using UDP.
nslookup -type=TXT pf2023._domainkey.github.com 1.1.1.1
nslookup -type=TXT pf2023._domainkey.github.com 1.0.0.1
nslookup -type=TXT pf2023._domainkey.github.com 8.8.8.8
nslookup -type=TXT pf2023._domainkey.github.com 198.51.100.1
:: Try DNS query using TCP.
nslookup -type=TXT -vc pf2023._domainkey.github.com 1.1.1.1
nslookup -type=TXT -vc pf2023._domainkey.github.com 1.0.0.1
nslookup -type=TXT -vc pf2023._domainkey.github.com 8.8.8.8
nslookup -type=TXT -vc pf2023._domainkey.github.com 198.51.100.1
Like @dodmi wrote it could be that external DNS servers are restricted, and only 198.51.100.1
works but does not support TCP.
But that IP is very strange, it is from an IP range restricted for documentation (https://en.wikipedia.org/wiki/Reserved_IP_addresses#IPv4).
@lieser
I have attached some screenshots of each section
With the Pings, all worked well apart from 198.51.100.1
- Request Timed Out
The DNS using UDP
returned a result for all IPs, however for ip - 198.51.100.1 gave Server:Unknown
DNS using TCP didnt work for any of them
again 198.51.100.1 gave a different response. Its response was Query refused
all others gave a response of BAD ERROR VALUE
Looks like your network in the office is configured in a way that DNS over TCP does not work. Why or how I don't know and I don't think I can further debug. This would need to be done by someone responsible for the network in your office.
You should use the libunbound resolver as a workaround (https://github.com/lieser/dkim_verifier/wiki/DNS#libunbound). That one uses UDP for the DNS query, which from the test should work without a problem.
@lieser im not having much joy with this either as the video shows. It is telling me that the addon is corrpt.
https://github.com/lieser/dkim_verifier/assets/75368133/69565864-8183-4943-9bc0-a0cd353fbb7c
https://github.com/lieser/dkim_verifier/assets/75368133/8dff52ea-2ed9-4362-a44e-f2f154334dde
Thanks for the effort with the videos, that makes it easy for me to see what your are doing wrong.
The zip file you downloaded with the included libunbound-8.dll
is not an add-on for Thunderbird! Trying to install it as an add-on will of course fail. It is just an additional file you need besides the normal DKIM Verifier add-on.
The documentation in the wiki I linked has under [Windows] Use a pre-build libunbound library a step-by-step instruction. Please follow that carefully, and let me know if a step is unclear.
If you got confused in step 2 by "to the extensions folder in your Thunderbird profile", this is talking about moving the file to a location in the normal file system of windows. Not anywhere inside the Thunderbird application itself. See also https://support.mozilla.org/en-US/kb/profiles-where-thunderbird-stores-user-data, but like it says you can chose any file location you want.
Especially make sure you have downloaded the correct libunbound version by checking what Thunderbird version (32-bit/64-bit) you have installed.
This time I have moved the .dll into the extensions folder bit still no joy. Im getting an internal error
@lieser I changed the path in the settings. it was set as extensions/libunbound-8.dll
I changed this to match the full path c:\user\userx\appdata...
It hangs on validating
for a while and then changes to error connecting to DNS server
I think, rather than spend any more time on this Im best just leaving it for the time being, I dont think Im going to have any joy
Sorry to hear that libunbound does not work for you too.
You should look if your mail provider writes the DKIM result in the Authentication-Results header. If yes you can enable reading the result from there instead of letting the addon do it's own DKIM verification. See https://github.com/lieser/dkim_verifier/wiki/Options#read-authentication-results-header.
Not a real solution to the DNS problem of course, but maybe still something that is enough for you.
I will close this issue for now, but feel free to reopen it if you still have questions.
I have tried following the debug instructions here (https://github.com/lieser/dkim_verifier/wiki/Debug) but not getting anywhere very quick.
I have tried using the DKIM verifier on both Thunderbird and Betterbird and am having the same issues on both.
I have tried using DNS 1.1.1.1 and 8.8.8.8 but neither work.
I have attached the output from the console export to see if there is anything that you can spot.
I use the DKIM verifier on my laptop and it works fine, but my desktop is where the issue lies (used to work fine but suddenly stopped) console-export.txt