rspamd dkim fail body hash

[maldanus]

Contribution guidelines

• [X] I've read the contribution guidelines and wholeheartedly agree

I've found a bug and checked that ...

• [X] ... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
• [X] ... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
• [X] ... I have understood that answers are voluntary and community-driven, and not commercial support.
• [X] ... I have verified that my issue has not been already answered in the past. I also checked previous issues.

Description

When there are accent characters in the message, the message is marked by rspamd with R_DKIM_REJECT(8.00). SpamAssassin pass same message.
Without accent characters message is marked R_DKIM_ALLOW.

Logs:

Return-Path: <effenberk@sabtrafo.cz>
Delivered-To: martin@flashcomp.cz
Received: from mail.flashcomp.cz ([172.22.1.253])
    by baa840a8f3b0 with LMTP
    id 8EV5D7FZOWTRLAEA51J6UA
    (envelope-from <effenberk@sabtrafo.cz>)
    for <martin@flashcomp.cz>; Fri, 14 Apr 2023 15:48:33 +0200
Received: from base.sabtrafo.cz (base.sabtrafo.cz [89.190.70.202])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    (No client certificate requested)
    by mail.flashcomp.cz (Postcow) with ESMTPS id 5FA9D3883CC
    for <martin@flashcomp.cz>; Fri, 14 Apr 2023 15:48:31 +0200 (CEST)
Authentication-Results: mail.flashcomp.cz;
    dkim=pass header.d=sabtrafo.cz header.s=default header.b="Z//kvEs1";
    dkim=fail ("body hash did not verify") header.d=sabtrafo.cz header.s=default header.b="ZP/uaaKY";
    dkim=fail ("body hash did not verify") header.d=sabtrafo.cz header.s=default header.b=VRxeGo7k;
    dmarc=none;
    spf=pass (mail.flashcomp.cz: domain of effenberk@sabtrafo.cz designates 89.190.70.202 as permitted sender) smtp.mailfrom=effenberk@sabtrafo.cz
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=flashcomp.cz;
    s=dkim; t=1681480111;
    h=from:from:sender:sender:reply-to:subject:subject:date:date:
     message-id:message-id:to:to:cc:mime-version:mime-version:
     content-type:content-type:dkim-signature;
    bh=uD0dfMjJ4lX34WKz/jhkj8O7olQ7fESOZnQJhaQ/N8M=;
    b=2QSlz/jUWu34Mav4z02BDywoRcc2UOXyDCa+pTvW6KEEWSG9LbPNhZm+qLl1lkYeXNl1Gd
    rpFdNYbWhYSexlvqWYamAqr9FrlbsTtvKFe9QPVvbDc2Rke++xedom9BXbPoKZbZI5slFt
    FtOXE5jc6v++NJAN79sxsVQu1Ko91X22wxAL7MWLJP5wKsV7VLTJp0SKTVO6fxBTUc3KVR
    Ae31HqgBvh2Zn94Fz4Idh9MfgAs5GVJ8XsbE8yLCtaPUrKx0eTyIBZSv75yauPghHmcotB
    M0EpehwOaQz27lif3lbAhjjyzk1c0iAbU/vfkUR7Ox50y7rc9H/MEK1LgiFrVg==
ARC-Authentication-Results: i=1;
    mail.flashcomp.cz;
    dkim=pass header.d=sabtrafo.cz header.s=default header.b="Z//kvEs1";
    dkim=fail ("body hash did not verify") header.d=sabtrafo.cz header.s=default header.b="ZP/uaaKY";
    dkim=fail ("body hash did not verify") header.d=sabtrafo.cz header.s=default header.b=VRxeGo7k;
    dmarc=none;
    spf=pass (mail.flashcomp.cz: domain of effenberk@sabtrafo.cz designates 89.190.70.202 as permitted sender) smtp.mailfrom=effenberk@sabtrafo.cz
ARC-Seal: i=1; s=dkim; d=flashcomp.cz; t=1681480111; a=rsa-sha256;
    cv=none;
    b=ufPLNN5K7JnFP3v3uJ/HxPZEVjBG0jsRnI3qHei1/tSDHmRV6c6ScMOh/2xwDFRd23nQQe
    WY2dEkD8CG8/LXdw3ZcJZ9EdEzNsJte3JrB42Q3z/loxub21+e9VdDeTnrWKRkjzfpatRG
    QLwO0gNfMxVdOQ0/ZDV0jd1qRJweZXNqAfRm3for1sh50FBx79ZXxFxH6wBHxpcH/lwb47
    Y/U+Wn5VmM4DGvfZ3RyJZAZc+h6cucRhtAJbRM9ckJ7SmLm3JjhMPCbn2elwS32X03MhrE
    WxVvPg0sv8RR7SUjlT3MXGv7k9rOXUlP2l8+kr4Qi2+Hd2VY5891VrfjJYO0XA==
X-Virus-Scanned: Debian amavisd-new at sabtrafo.cz
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sabtrafo.cz;
    s=default; t=1681480108;
    bh=uD0dfMjJ4lX34WKz/jhkj8O7olQ7fESOZnQJhaQ/N8M=;
    h=Date:From:To:Subject:From;
    b=Z//kvEs1qzz/4N3bKGl72QscLRVjLhQU5A9UsvoYBNhNGOWfvwWNd/+VmIy9GHEJf
     WQAtExV2qoQTf7vCiTBATQ9NMMwXT32uRuXpepRadVDGNpbrozsxVeR/awVU27PBNA
     wQAgbxlZK92oXErFFf9M5LxOPpWrly3kA4LhHWcLJ3FoxumkVMSz4k0FeAcoOadXyX
     dc37222SKChWTTnmVs3hcm2saVCqE4H7MCBrNuqVljncd2ZKc7f43fflZnEavPB311
     GMxp7nydTEuSevAfaZMu1MdEJXjeRKTWUuz5Dl/Fj40Q2SNSHYENlG6wUuTFxNgwXT
     zPC7RJyJf15Sw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sabtrafo.cz;
 s=default; t=1681480107;
 bh=894CMge7YigAHx5UwI8muQh8YGOijJNAnwdRyLq95Ik=;
 h=Date:From:To:Subject:From;
 b=ZP/uaaKYGsqMOR+ItLT4sQXe13TaO3LNU/k0Gx9W3MvNwFGBXGVZZLLPZ1lSzB7Wb
 9mYRbxoA12q85HMnIJu1Y0/Fi7FKayOPjWq9m3TysNvRi/EBIZHOQxI36wMiI8vVZp
 Hpp36QHU0A1VENTh6xDBUEWXDiRGmRGLqavdCaGxTFqvxgXAPtI4OrCWopz94GSKnk
 9mp63tTi0aTTvGJraAU0hYV/trWrsNs2VrWjpaDOWwPTHeymLBOUeGbMZt/XreGlHb
 cpNXRtKtFGXECN00bCXUWIURmlTRzD+NBYDBMkbxrdfDDIIZU4RvOrf6EZMv5FE+Ek
 +uGiUTTXknTfg==
Sender: effenberk@sabtrafo.cz
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sabtrafo.cz;
 s=default; t=1681480104;
 bh=894CMge7YigAHx5UwI8muQh8YGOijJNAnwdRyLq95Ik=;
 h=Date:From:To:Subject:From;
 b=VRxeGo7kNrOtV8TsYmr8BI6uk+xKKDOTIRkCjGhg7wZLj+Ziltw/xbGyTwnah9eJD
 UcCou58hb3l3nKdnN3bdQDD/HgjCTbBJwwRKAESEZ8xTW6Xt5t+eDWJkAEsjYssAn4
 V+V7LNU5NcYthD/++ZNoZ90D13J8aRVKj73k4iU2P8CIAU2DabhMhhRHlihU+xTYb1
 HKtmMOkwkbaiEWL7sB3LgIFAdC4hNKduE4hAuAyX+6xkCT2NXKH/PRAl9vHD5PoWRk
 zdK+QvYYR6HQia/QslvWiR5BPvIjrjn54Oay93VszczzxH0gi+0Lg0L6PMEOKWeZVK
 N97wBnyEcC60w==
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="=_234396dc560a4b4cc52653e477719010"
Date: Fri, 14 Apr 2023 15:48:23 +0200
From: "Effenberk, Jaromir" <effenberk@sabtrafo.cz>
To: =?UTF-8?Q?Martin_Mal=C3=BD?= <martin@flashcomp.cz>
Subject: test
Message-ID: <d2e645478d8e766c6de92a0e61364f9a@sabtrafo.cz>
X-Sender: effenberk@sabtrafo.cz
X-Last-TLS-Session-Version: TLSv1.2
X-Spamd-Result: default: False [13.59 / 15.00];
    R_DKIM_REJECT(8.00)[sabtrafo.cz:s=default];
    IP_REPUTATION_SPAM(5.52)[asn: 41088(0.40), country: CZ(-0.01), ip: 89.190.70.202(0.99)];
    R_MIXED_CHARSET(1.00)[];
    BAYES_HAM(-0.92)[80.00%];
    R_PARTS_DIFFER(0.50)[100.0%];
    R_DKIM_ALLOW(-0.20)[sabtrafo.cz:s=default];
    R_SPF_ALLOW(-0.20)[+mx:c];
    MIME_GOOD(-0.10)[multipart/alternative,text/plain];
    MX_GOOD(-0.01)[];
    FROM_HAS_DN(0.00)[];
    TO_MATCH_ENVRCPT_ALL(0.00)[];
    ASN(0.00)[asn:41088, ipnet:89.190.64.0/19, country:CZ];
    RCPT_COUNT_ONE(0.00)[1];
    DMARC_NA(0.00)[sabtrafo.cz: no valid DMARC record];
    ARC_NA(0.00)[];
    BCC(0.00)[];
    SOGO_CONTACT_EXCLUDE(0.00)[];
    MIME_TRACE(0.00)[0:+,1:+,2:~];
    TO_DN_ALL(0.00)[];
    ARC_SIGNED(0.00)[flashcomp.cz:s=dkim:i=1];
    DKIM_MIXED(0.00)[];
    MID_RHS_MATCH_FROM(0.00)[];
    DKIM_TRACE(0.00)[sabtrafo.cz:+,sabtrafo.cz:-];
    RCPT_MAILCOW_DOMAIN(0.00)[flashcomp.cz];
    RCVD_COUNT_ZERO(0.00)[0];
    FROM_EQ_ENVFROM(0.00)[];
    GREYLIST(0.00)[pass,meta]
X-Rspamd-Queue-Id: 5FA9D3883CC
X-Spam-Flag: YES
X-Spam: Yes

--=_234396dc560a4b4cc52653e477719010
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

+=C4=9B=C5=A1=C4=8D=C5=99=C5=BE=C3=BD=C3=A1=C3=AD=C3=A9
--=_234396dc560a4b4cc52653e477719010
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; charset=
=3DUTF-8" /></head><body style=3D'font-size: 10pt; font-family: Verdana,Gen=
eva,sans-serif'>
<p>+=C4=9B&scaron;=C4=8D=C5=99=C5=BE&yacute;&aacute;&iacute;&eacute;</p>
</body></html>

--=_234396dc560a4b4cc52653e477719010--

Steps to reproduce:

message source attached in log section

Which branch are you using?

master

Operating System:

Debian 11, Docker 23.0.3

Server/VM specifications:

16GB RAM, 1CPU 6c

Is Apparmor, SELinux or similar active?

no

Virtualization technology:

kvm

Docker version:

23.0.3

docker-compose version or docker compose version:

2.7.0

mailcow version:

2023-04a

Reverse proxy:

nginx

Logs of git diff:

n

Logs of iptables -L -vn:

n

Logs of ip6tables -L -vn:

n

Logs of iptables -L -vn -t nat:

n

Logs of ip6tables -L -vn -t nat:

n

DNS check:

n

[milkmaker]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.