*A Schulze,*
*Here is a screenshot of my keys directory.*
[image: Inline image 1]
*here is my opendkim.conf:*
[root_at_mail1 keys]# cat /etc/opendkim.conf
## BASIC OPENDKIM CONFIGURATION FILE
## See opendkim.conf(5) or %{_pkgdocdir}/opendkim.conf.sample for more
## BEFORE running OpenDKIM you must:
## - make your MTA (Postfix, Sendmail, etc.) aware of OpenDKIM
## - generate keys for your domain (if signing)
## - edit your DNS records to publish your public keys (if signing)
## See %{_pkgdocdir}/INSTALL for detailed instructions.
## CONFIGURATION OPTIONS
AutoRestart Yes
AutoRestartRate 10/1h
# Specifies the path to the process ID file.
PidFile /var/run/opendkim/opendkim.pid
# Selects operating modes. Valid modes are s (sign) and v (verify). Default
is v
.
# Must be changed to s (sign only) or sv (sign and verify) in order to sign
outg
oing
# messages.
Mode sv
# Log activity to the system log.
Syslog yes
# Log additional entries indicating successful signing or verification of
messag
es.
SyslogSuccess yes
# If logging is enabled, include detailed logging about why or why not a
message
was
# signed or verified. This causes an increase in the amount of log data
generate
d
# for each message, so set this to No (or comment it out) if it gets too
noisy.
LogWhy yes
# Attempt to become the specified user before starting operations.
UserID opendkim:opendkim
# Create a socket through which your MTA can communicate.
Socket inet:8891_at_localhost
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
Umask 022
# This specifies a text file in which to store DKIM transaction statistics.
# OpenDKIM must be manually compiled with --enable-stats to enable this
feature.
#Statistics /var/spool/opendkim/stats.dat
## SIGNING OPTIONS
# Selects the canonicalization method(s) to be used when signing messages.
Canonicalization simple/simple
# Domain(s) whose mail should be signed by this filter. Mail from other
domains
will
# be verified rather than being signed. Uncomment and use your domain name.
# This parameter is not required if a SigningTable is in use.
#Domain example.com
# Defines the name of the selector to be used when signing messages.
Selector default
# Specifies the minimum number of key bits for acceptable keys and
signatures.
MinimumKeyBits 1024
# Gives the location of a private key to be used for signing ALL messages.
This
# directive is ignored if KeyTable is enabled.
KeyFile /etc/opendkim/keys/mymodeltalk.com/default.private
# Gives the location of a file mapping key names to signing keys. In simple
term
s,
# this tells OpenDKIM where to find your keys. If present, overrides any
KeyFile
# directive in the configuration file. Requires SigningTable be enabled.
KeyTable /etc/opendkim/KeyTable
# Defines a table used to select one or more signatures to apply to a
message ba
sed
# on the address found in the From: header field. In simple terms, this
tells
# OpenDKIM how to use your keys. Requires KeyTable be enabled.
SigningTable refile:/etc/opendkim/SigningTable
# Identifies a set of "external" hosts that may send mail through the
server as
one
# of the signing domains without credentials as such.
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
# Identifies a set "internal" hosts whose mail should be signed rather than
veri
fied.
InternalHosts refile:/etc/opendkim/TrustedHosts
SignatureAlgorithm rsa-sha256
TemporaryDirectory /var/tmp
*Here is my KeyTable:*
*[image: Inline image 2]*
*Here is a screen of my SigningTable:*
*[image: Inline image 3]*
*Here is a screen of my TrustedHosts:*
*[image: Inline image 4]*
--
Mike McKoy
*404.590.7176*
http://MyForeverHair.com
http://www.MyModelTalk.com
http://InCrowdUSA.net
http://www.google.com/profiles/mikemckoy
On Tue, May 19, 2015 at 3:33 PM, Mike McKoy <mikemckoy_at_gmail.com> wrote:
> So I've installed OPENDKIM and want to get it working before I setup NAMED
> on this server. Currently Godaddy is handling my DNS. DKIM is signing
> messages but it seems to be using the wrong key. I don't know how it is
> doing this because I checked the keys in /etc/opendkim/keys and they don't
> resemble the one I see in the header. Looking in maillogs there are no
> errors when signing.
>
> Here is a copy of of my key:
> "v=DKIM1; k=rsa; "
> "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCn9CWknWP9Og0wVt4xoDsBLJHfatu
> P/6GTSR2+VE4w7bIgF1E5SPlJp2qEu87NnkNSFttfsl4K6YZKyaZUt/ZlrEXllz+IG+wxfQfKWhazIqVcG5p31Rr54yBTpoTjVLRmoJ1tXdrr0O6NnGb9FyoWPqKi3CkSya2V5PI8DcgSwIDAQAB"
>
>
> Here is a copy of my mail header:
> Received-SPF: pass (google.com: domain of talkbox_at_inform.mymodeltalk.com
> designates 52.0.148.79 as permitted sender) client-ip=52.0.148.79;
> Authentication-Results: mx.google.com;
> spf=pass (google.com: domain of talkbox_at_inform.mymodeltalk.com
> designates 52.0.148.79 as permitted sender) smtp.mail=
> talkbox_at_inform.mymodeltalk.com;
> dkim=neutral (no signature) header.i=_at_mymodeltalk.com
> Received: from inform.mymodeltalk.com (MyModelTalk.com [52.0.148.79])
> by mail1.mymodeltalk.com (Postfix) with ESMTP id 5340123315
> for <mikemckoy_at_gmail.com>; Tue, 19 May 2015 05:17:58 -0400 (EDT)
> DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=mymodeltalk.com;
> s=default; t=1432027078;
> bh=fAK46wh0L4gFk+8+jo6UW0qH58ckLjzME9PLXmNZf2M=;
> h=Date:To:From:Subject;
> b=EC6FWURdpXuoNazcDj2Bt8i9P7nKKeH9xUQD7AdvzFPUqB3lS9wtIs5+OqQeRXpj0
> bdmtKAkOa3SfcC2IXT9Tn+DfgkRbGj1gM0uNcFdevDzVXIndXdrckEFOIO2p8s/sO1
> BwRBwc3B3ZdL4YBnz7iddktwWwtXPWOWdGeGKOb4=
>
> Any thoughts?
>
Received on Tue May 19 2015 - 23:47:34 PST