Icon of senders

[ale5000-git]

I see it display an icon near the sender of mails received from LinkedIn.
How to add it also to other mails?

[lieser]

Currently this is hard coded into the add-on (mapping: https://github.com/lieser/dkim_verifier/blob/master/data/favicon.json, icons in https://github.com/lieser/dkim_verifier/tree/master/data/favicon). There already exist an issue to change this: #83.

At the moment you can either add them there yourself and create a pull request, or ask me to add sites. Note that E-Mail providers will not be added to the favicon list until #107 is resolved. I also do not add personal sites.

[ale5000-git]

I see that some of the sites that I want are already on the list but they still do not display the icon in my e-mails.

Mail of the one present but not working:

• bugzilla-daemon@mozilla.org (Removed key, need new mail for verification)

Missing icon:

• noreply@wordpress.org OK
• advertise-noreply@support.facebook.com OK
• conferma-spedizione@amazon.it OK
• vistaprint@tm.vistaprint.it OK
• noreply@wetransfer.com OK
• devnull@yandex-team.ru OK
• service@bingads.com OK

[lieser]

Thanks for the list of missing domains. I will add them in the next release.

bugzilla-daemon@mozilla.org

I have multiple e-mails from Bugzilla, all signed by mozilla.org, there the favicon is successfully shown. Please make sure you have the latest 2.0.1 version installed (or 3.0.0pre2 if you are on beta). Previous versions did not yet include the favicon for mozilla.org.

If it also does not work with the latest version, make sure DKIM is successfuly validated, and the signing domain shown is mozilla.org. If this is the case, please send me an affected e-mail as an .eml file to lieser+dkim@posteo.net, so I can investigate further.

noreply@wordpress.org

Is this signed by wordpress.org? Currently only wordpress.com is in the list (added in the latest version).

[ale5000-git]

There are also others missing:
web-help@cisco.com OK
helpdesk_notifications@grandstream.com OK
no-reply@youtube.com OK
notification+zrd61dozzeie@fbworkmail.com OK
no-reply@mail.instagram.com OK
account-security-noreply@accountprotection.microsoft.com (Possible smtp server problem)
do-not-reply@market.envato.com OK
donotreply@envato.com OK

[lieser]

Thanks a gain for the list of missing domains. Will add them too.

bugzilla-daemon@mozilla.org:
It seems the DKIM key was deleted from the DNS. This can often happens if a domain is using a new key. As DKIM is intended to be verified by the server shortly after it is received, there normally is not need to keep the old key available for a long time.
That the add-on is doing (client side verification when the a-mail is viewed) is very unusual for DKIM.

I would recommend enabling the caching of the DKIM keys to avoid this problem. See https://github.com/lieser/dkim_verifier/wiki/Options#caching-of-the-dkim-keys.

I have the key used at that time by mozilla cached locally, and verification and showing of the icon works without problems for the e-mail you send me. I would suggest to postpone further investigation for now, until you have again problems with the icon for an e-mail where verification passes.

[mortenn]

Might want to add (email.|)f-secure.com

[lieser]

I updated the favicons and default rules. This should also fix #145. Would be nice if you could try it out before I release it.

You can get the pre release from dkim_verifier-2.0.2pre1.zip

@ale5000-git
Is advertise-noreply@support.facebook.com signed by support.facebook.com, or just facebook.com? I only added support.facebook.com to the favicon list, because to my knowledge facebook users also have a *@facebook.com e-mail address. If the e-mail is only signed by facebook.com, the favicon will not work.

Also for the default rules, please tell me if the following are not just signed by the top domain, but the complete domain of the e-mail address:

• vistaprint@tm.vistaprint.it
• no-reply@mail.instagram.com
• account-security-noreply@accountprotection.microsoft.com
• do-not-reply@market.envato.com

The following there already in the favicon rules, and should have already be showing the favicon:

• no-reply@youtube.com
• account-security-noreply@accountprotection.microsoft.com

@mortenn
Please tell me if email.f-secure.com is signed only by the top domain, or email.f-secure.com

[ale5000-git]

@lieser

• no-reply@mail.instagram.com (signed by mail.instagram.com) OK
• advertise-noreply@support.facebook.com (signed by support.facebook.com) OK
• vistaprint@tm.vistaprint.it (signed by tm.vistaprint.it) OK
• account-security-noreply@accountprotection.microsoft.com (signed by accountprotection.microsoft.com) (Possible smtp server problem)
• do-not-reply@market.envato.com (signed by market.envato.com) OK

I have done some tests and the new pre release seems to work fine.

---

I have also found other domains to add:

Missing sign rule and icon:

• Sucuri Security - emails@sucuri.net (signed by hubspotemail.net)
• Bountysource Alerts - alerts@bountysource.com (signed by sendgrid.me)
• info@consultingroupitaly.com (signed by aruba.it)

Missing only icon:

• paypal@mail.paypal.it (signed by mail.paypal.it) OK
• noreply@credit-agricole.it OK
• novita@comunicazione.intesasanpaolo.com (signed by comunicazione.intesasanpaolo.com) OK
• no-reply@woocommerce.com OK
• vlc-devel-request@videolan.org OK
• info@twitter.com OK
• webmaster@xda-developers.com OK
• receipts.rimini@uber.com OK
• mailing@accasoftware.it OK
• postmaster@euroconsumers.onmicrosoft.com (signed by euroconsumers.onmicrosoft.com) OK

[lieser]

Thanks a lot for the additional domains and information. Will take a lock at it the next days, and add them.

About the problems:

1. accountprotection.microsoft.com I looked at it, and to me it looks like the e-mail body got changed, and not a problem with the add-on. The verification also fails with another DKIM verifier.
2. youtube.com Could reproduce it. The icon name is misspelled in the domain->icon mapping. Will be fixed in the next version

[ale5000-git]

About Microsoft apparently some mail got correct DKIM while some other no, it may be a bug in their mail server.

I also found some other domains:

Missing sign rule and icon:

• Wind - noreply@rewarding.wind.it (signed by amazonses.com)

Missing only icon:

• gitlab@mg.gitlab.com (signed by mg.gitlab.com) OK
• noreply@iliad.it OK
• ebay@ebay.it OK
• confirm@account.pinterest.com (signed by account.pinterest.com) OK
• servizioclienti@sgrservizi.it OK
• success@travis-ci.com OK
• re-mailsda@sda.it OK
• lo_staff_di_libero@libero.it OK
• noreplyit@justeat-int.com OK
• info@email.thefork.it (signed by email.thefork.it) OK

[mortenn]

It is signed by email.f-secure.com

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=200608; d=email.f-secure.com;
..
From: "F-Secure" <no-reply@email.f-secure.com>

[mortenn]

But I expect email from @f-secure.com is signed for non-automated email as well.

[lieser]

Thank you both for the additional information. Will probably release a new version with this included in the next week. Or you can already try the pre release attached here dkim_verifier-2.1.0pre1.zip (Note that this version includes #141, so you may see some new warnings).

@ale5000-git
I did not add the following e-mails, as they seem to be signed by only unrelated domains:

• emails@sucuri.net
• alerts@bountysource.com
• info@consultingroupitaly.com
• consultingrouphouse@pec.consultingroupitaly.com
• noreply@rewarding.wind.it

For the following I only added the favicon, as I'm unsure if all e-mails from this domains are signed:

• novita@comunicazione.intesasanpaolo.com
• postmaster@euroconsumers.onmicrosoft.com
• gitlab@mg.gitlab.com
• confirm@account.pinterest.com

For the others I added both the favicon and a default rule.

[ale5000-git]

I have tested all new icons in the pre-release and everything is working properly, thanks :)

For consultingroupitaly.com mails, see #154