These are my settings from /etc/opendkim.conf
AllowSHA1Only no
AutoRestartCount 0
Background Yes
BaseDirectory /var/run/opendkim
Diagnostics Yes
Domain edhance.com<
http://edhance.com>
InternalHosts /etc/postfix/opendkim/InternalHosts.conf
KeepTemporaryFiles yes
KeyFile /var/db/dkim/example.private
KeyList /var/db/dkim/keylist
LogWhy yes
Mode sv
PidFile /var/run/opendkim/opendkim.pid
ReportAddress jmarcus_at_edhance.com<mailto:jmarcus_at_edhance.com>
Selector edhancerelay
Socket inet:20209_at_localhost
Syslog Yes
SyslogFacility mail
On Feb 9, 2010, at 12:32 PM, James R. Marcus wrote:
Hi,
I don't seem to be getting any errors from opendkim on my mail relay:
Feb 9 12:18:47 relay0 postfix/cleanup[14356]: 5379516BE6E: message-id=<996A9C53-CE08-4FC4-9529-B8270BC0EC47_at_edhance.com<mailto:996A9C53-CE08-4FC4-9529-B8270BC0EC47_at_edhance.com>>
Feb 9 12:18:47 relay0 opendkim[8693]: (unknown-jobid) mode select: signing
Email to sa-test:
Authentication System: DomainKeys Identified Mail
Result: DKIM signature NOT confirmed
Description: Signature verification failed; signature is missing or key could not be found
Reporting host: sendmail.net<
http://sendmail.net>
More information:
http://mipassoc.org/dkim/
Sendmail milter:
https://sourceforge.net/projects/dkim-milter/
Authentication System: Domain Keys
Result: (no result present)
Reporting host:
More information:
http://antispam.yahoo.com/domainkeys
Sendmail milter:
https://sourceforge.net/projects/domainkeys-milter/
Authentication System: Sender ID
Result: SID data confirmed GOOD
Description: Sending host is authorized for sending domain
Reporting host: sendmail.net<
http://sendmail.net>
More information:
http://www.microsoft.com/senderid
Sendmail milter:
https://sourceforge.net/projects/sid-milter/
Authentication System: Sender Permitted From (SPF)
Result: SPF data confirmed GOOD
Description: Sending host is authorized for sending domain
Reporting host: sendmail.net<
http://sendmail.net>
More information:
http://spf.pobox.com/
Headers from email to gmail:
Authentication-Results: mx.google.com<
http://mx.google.com>; spf=pass (google.com<
http://google.com>: domain of jmarcus_at_edhance.com<mailto:jmarcus_at_edhance.com> designates 67.110.143.99 as permitted sender) smtp.mail=jmarcus@edhance.com<mailto:smtp.mail=jmarcus@edhance.com>; dkim=pass (test mode) header.i=@edhance.com<mailto:header.i=@edhance.com>
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=edhance.com;
s=edhancerelay; t=1265736304;
bh=r5qTbAlKwVYO1CDhYITUygUdc2dPnSOFo9jmVKWiVKI=;
h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version;
z=From:=20"James=20R.=20Marcus"=20<jmarcus_at_edhance.com<mailto:jmarcus_at_edhance.com>>|To:=20James
=20Marcus=20<marcus.james_at_gmail.com<mailto:marcus.james_at_gmail.com>>|Date:=20Tue,=209=20Feb=202010
=2012:25:03=20-0500|Subject:=20to=20record=20headers|Thread-Topic:
=20to=20record=20headers|Thread-Index:=20AcqprNDYW5/kTLqGTXSmU2pDY
Rebvw=3D=3D|Message-ID:=20<8A834D79-C347-4BA2-B6C7-283FD243C28A_at_ed
hance.com<
http://hance.com>>|Accept-Language:=20en-US|Content-Language:=20en-US|X-MS
-Has-Attach:=20|X-MS-TNEF-Correlator:=20|acceptlanguage:=20en-US|C
ontent-Type:=20multipart/alternative=3B=0D=0A=09boundary=3D"_000_8
A834D79C3474BA2B6C7283FD243C28Aedhancecom_"|MIME-Version:=201.0;
b=gEg225odfA/tyMY1tw/33wHJVy4ETYpnkgCeItBL+yYiCKK8zQJJ3yBqIJxoKFvhx
rSWMTkTANozXar1x0oPm3ESCogOvjShemrgBSjOYhPPuz/ozcbtbZlzz2DpNi4zQ54
AmRGCxGXhfCImJw7KUG6HSrEjq+BK649AqP4oB/M=
Headers from email to Yahoo:
Authentication-Results: mta1166.mail.mud.yahoo.com from=edhance.com; domainkeys=neutral (no sig)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=edhance.com;
s=edhancerelay; t=1265736442;
bh=p8mHxvvtP0hBttfAKxu72XcImn8DS99J3ZpMX9Ysvao=;
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=edhance.com;
s=edhancerelay; t=1265736442;
bh=p8mHxvvtP0hBttfAKxu72XcImn8DS99J3ZpMX9Ysvao=;
h=From:To:Date:Subject:Message-ID:Content-Type:
Content-Transfer-Encoding:MIME-Version;
Any pointers? Am I missing something in DNS?
James
On Feb 7, 2010, at 10:31 PM, Murray S. Kucherawy wrote:
On Sun, 7 Feb 2010, James R. Marcus wrote:
I'm not sure where I have gone wrong here. I have been emailing
auth-results_at_verifier.port25.com<mailto:auth-results_at_verifier.port25.com> and
elandsys+dkim-126547710311325_at_dk.elandsys.com<mailto:elandsys+dkim-126547710311325_at_dk.elandsys.com> and getting verification
failed errors. Any pointers?
The usual things to try:
1) Set "KeepTemporaryFiles True" and "Diagnostics True", restart the
filter, and re-send your test message. This will add debugging
information to your signatures and also keep a copy of the signed mail in
/var/tmp. Create a tar file containing those and post it to the list
along with the replies to your test mail.
2) Include sa-test_at_sendmail.net<mailto:sa-test_at_sendmail.net> in your tests.
:: James R. Marcus | Director, IT Operations
:: Edhance | jmarcus_at_edhance.com<mailto:jmarcus_at_edhance.com>
:: v: 617-475-5360 | m: 914-772-8533
:: web: www.edhance.com<
http://www.edhance.com>
:: James R. Marcus | Director, IT Operations
:: Edhance | jmarcus_at_edhance.com<x-msg://103/jmarcus_at_edhance.com>
:: v: 617-475-5360 | m: 914-772-8533
:: web: www.edhance.com<
http://www.edhance.com/>
Received on Tue Feb 09 2010 - 19:09:21 PST