Re: The signatures in the mail header and my installed keys don't match.

From: Mike McKoy <mikemckoy_at_gmail.com>
Date: Tue, 19 May 2015 19:47:15 -0400

*A Schulze,*
*Here is a screenshot of my keys directory.*
[image: Inline image 1]
*here is my opendkim.conf:*
[root@mail1 keys]# cat /etc/opendkim.conf
## BASIC OPENDKIM CONFIGURATION FILE
## See opendkim.conf(5) or %{_pkgdocdir}/opendkim.conf.sample for more

## BEFORE running OpenDKIM you must:

## - make your MTA (Postfix, Sendmail, etc.) aware of OpenDKIM
## - generate keys for your domain (if signing)
## - edit your DNS records to publish your public keys (if signing)

## See %{_pkgdocdir}/INSTALL for detailed instructions.

## CONFIGURATION OPTIONS

AutoRestart Yes
AutoRestartRate 10/1h

# Specifies the path to the process ID file.
PidFile /var/run/opendkim/opendkim.pid

# Selects operating modes. Valid modes are s (sign) and v (verify). Default is v.
# Must be changed to s (sign only) or sv (sign and verify) in order to sign outgoing
# messages.
Mode sv

# Log activity to the system log.
Syslog yes

# Log additional entries indicating successful signing or verification of messages.
SyslogSuccess yes

# If logging is enabled, include detailed logging about why or why not a message was
# signed or verified. This causes an increase in the amount of log data generated
# for each message, so set this to No (or comment it out) if it gets too noisy.
LogWhy yes

# Attempt to become the specified user before starting operations.
UserID opendkim:opendkim

# Create a socket through which your MTA can communicate.
Socket inet:8891@localhost

# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
Umask 022

# This specifies a text file in which to store DKIM transaction statistics.
# OpenDKIM must be manually compiled with --enable-stats to enable this feature.
#Statistics /var/spool/opendkim/stats.dat

## SIGNING OPTIONS

# Selects the canonicalization method(s) to be used when signing messages.
Canonicalization simple/simple

# Domain(s) whose mail should be signed by this filter. Mail from other domains will
# be verified rather than being signed. Uncomment and use your domain name.
# This parameter is not required if a SigningTable is in use.
#Domain example.com

# Defines the name of the selector to be used when signing messages.
Selector default

# Specifies the minimum number of key bits for acceptable keys and signatures.
MinimumKeyBits 1024

# Gives the location of a private key to be used for signing ALL messages. This
# directive is ignored if KeyTable is enabled.
KeyFile /etc/opendkim/keys/mymodeltalk.com/default.private

# Gives the location of a file mapping key names to signing keys. In simple terms,
# this tells OpenDKIM where to find your keys. If present, overrides any KeyFile
# directive in the configuration file. Requires SigningTable be enabled.
KeyTable /etc/opendkim/KeyTable

# Defines a table used to select one or more signatures to apply to a message based
# on the address found in the From: header field. In simple terms, this tells
# OpenDKIM how to use your keys. Requires KeyTable be enabled.
SigningTable refile:/etc/opendkim/SigningTable

# Identifies a set of "external" hosts that may send mail through the server as one
# of the signing domains without credentials as such.
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts

# Identifies a set of "internal" hosts whose mail should be signed rather than verified.
InternalHosts refile:/etc/opendkim/TrustedHosts

SignatureAlgorithm rsa-sha256
TemporaryDirectory /var/tmp

*Here is my KeyTable:*

*[image: Inline image 2]*

*Here is a screen of my SigningTable:*

*[image: Inline image 3]*

*Here is a screen of my TrustedHosts:*

*[image: Inline image 4]*



--
Mike McKoy
*404.590.7176*
http://MyForeverHair.com
http://www.MyModelTalk.com
http://InCrowdUSA.net
http://www.google.com/profiles/mikemckoy
On Tue, May 19, 2015 at 3:33 PM, Mike McKoy <mikemckoy_at_gmail.com> wrote:
> So I've installed OPENDKIM and want to get it working before I setup NAMED
> on this server. Currently Godaddy is handling my DNS. DKIM is signing
> messages but it seems to be using the wrong key. I don't know how it is
> doing this because I checked the keys in /etc/opendkim/keys and they don't
> resemble the one I see in the header. Looking in maillogs there are no
> errors when signing.
>
> Here is a copy of my key:
> "v=DKIM1; k=rsa; "
> "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCn9CWknWP9Og0wVt4xoDsBLJHfatu
> P/6GTSR2+VE4w7bIgF1E5SPlJp2qEu87NnkNSFttfsl4K6YZKyaZUt/ZlrEXllz+IG+wxfQfKWhazIqVcG5p31Rr54yBTpoTjVLRmoJ1tXdrr0O6NnGb9FyoWPqKi3CkSya2V5PI8DcgSwIDAQAB"
>
>
> Here is a copy of my mail header:
> Received-SPF: pass (google.com: domain of talkbox_at_inform.mymodeltalk.com
> designates 52.0.148.79 as permitted sender) client-ip=52.0.148.79;
> Authentication-Results: mx.google.com;
>        spf=pass (google.com: domain of talkbox_at_inform.mymodeltalk.com
> designates 52.0.148.79 as permitted sender) smtp.mail=
> talkbox_at_inform.mymodeltalk.com;
>        dkim=neutral (no signature) header.i=_at_mymodeltalk.com
> Received: from inform.mymodeltalk.com (MyModelTalk.com [52.0.148.79])
> by mail1.mymodeltalk.com (Postfix) with ESMTP id 5340123315
> for <mikemckoy_at_gmail.com>; Tue, 19 May 2015 05:17:58 -0400 (EDT)
> DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=mymodeltalk.com;
> s=default; t=1432027078;
> bh=fAK46wh0L4gFk+8+jo6UW0qH58ckLjzME9PLXmNZf2M=;
> h=Date:To:From:Subject;
> b=EC6FWURdpXuoNazcDj2Bt8i9P7nKKeH9xUQD7AdvzFPUqB3lS9wtIs5+OqQeRXpj0
>  bdmtKAkOa3SfcC2IXT9Tn+DfgkRbGj1gM0uNcFdevDzVXIndXdrckEFOIO2p8s/sO1
>  BwRBwc3B3ZdL4YBnz7iddktwWwtXPWOWdGeGKOb4=
>
> Any thoughts?
>







Received on Tue May 19 2015 - 23:47:34 PST
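
Added example, not part of the original post or of OpenDKIM: in a DKIM-Signature header, b= is the signature over the message and bh= is the body hash, so neither is expected to resemble the key; the values to compare are the p= of the locally generated key record and the p= published at <s>._domainkey.<d>. The sketch below derives that DNS name from the header quoted in the post and compares two TXT records in the split-string format shown there; the function names are hypothetical and the TXT sample values are constructed.

```python
import re

# DKIM-Signature value from the post, folding kept as sent.
HEADER = """v=1; a=rsa-sha256; c=simple/simple; d=mymodeltalk.com;
 s=default; t=1432027078;
 bh=fAK46wh0L4gFk+8+jo6UW0qH58ckLjzME9PLXmNZf2M=;
 h=Date:To:From:Subject;
 b=EC6FWURdpXuoNazcDj2Bt8i9P7nKKeH9xUQD7AdvzFPUqB3lS9wtIs5+OqQeRXpj0
  bdmtKAkOa3SfcC2IXT9Tn+DfgkRbGj1gM0uNcFdevDzVXIndXdrckEFOIO2p8s/sO1
  BwRBwc3B3ZdL4YBnz7iddktwWwtXPWOWdGeGKOb4="""

# Constructed samples (not real keys): a zone-file style record with the
# value split over several quoted strings, and two possible DNS answers.
LOCAL_TXT = ('default._domainkey IN TXT ( "v=DKIM1; k=rsa; "\n'
             '  "p=Q09OU1RSVUNU" "RUQtS0VZLUE=" ) ; constructed sample')
DNS_SAME = '"v=DKIM1; k=rsa; p=Q09OU1RSVUNURUQtS0VZLUE="'
DNS_STALE = '"v=DKIM1; k=rsa; p=Q09OU1RSVUNURUQtS0VZLUI="'


def parse_tags(value):
    """Parse an RFC 6376 tag=value list (header or key record) into a dict."""
    tags = {}
    for item in value.split(";"):
        name, sep, val = item.partition("=")  # base64 padding stays in val
        if not sep:
            continue
        name, val = name.strip(), val.strip()
        if name in ("b", "bh", "p"):
            val = re.sub(r"\s+", "", val)  # base64 may be folded
        tags[name] = val
    return tags


def txt_to_record(text):
    """Join the quoted chunks of a TXT record into the single string DNS serves."""
    chunks = re.findall(r'"([^"]*)"', text)
    return "".join(chunks) if chunks else text.strip()


def query_name(sig_header):
    """DNS name a verifier queries for the public key: <s>._domainkey.<d>."""
    tags = parse_tags(sig_header)
    return f"{tags['s']}._domainkey.{tags['d']}"


def key_matches(local_txt, published_txt):
    """True when both records carry the same non-empty p= value."""
    local = parse_tags(txt_to_record(local_txt)).get("p")
    return bool(local) and local == parse_tags(txt_to_record(published_txt)).get("p")


if __name__ == "__main__":
    print("verifier looks up TXT at:", query_name(HEADER))
    print("published key matches local:", key_matches(LOCAL_TXT, DNS_SAME))
    print("stale record matches local:", key_matches(LOCAL_TXT, DNS_STALE))
```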
