RE: Signing problem

From: Steve Jenkins <steve_at_stevejenkins.com>
Date: Tue, 26 Oct 2010 16:02:51 -0700

Jason:

 

This might help:

 

http://stevejenkins.com/blog/2010/09/how-to-get-dkim-domainkeys-identified-mail-working-on-centos-5-5-and-postfix-using-opendkim/

 

It's tailored toward Postfix users, but the OpenDKIM side of this tutorial
will be the same for you no matter which MTA you use.

 

I just updated it today for the 2.2.1 version. :)

 

SteveJ

 

From: Jason Clint [mailto:nosaj_17_at_hotmail.com]
Sent: Tuesday, October 26, 2010 3:58 PM
To: steve_at_stevejenkins.com
Cc: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem

 

Ok so when I checked my dns it is set for the domain without hostnames, I
have a cname setup to point mail.marlborosurvey.net to marlborosurvey.net
but the actual mail._domainkey is set to just marlborosurvey.net? Also I am
confused what you guys mean by keyTable and signingTable? Is that an option
in the conf file?

  _____

From: steve_at_stevejenkins.com
To: nosaj_17_at_hotmail.com
CC: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Date: Tue, 26 Oct 2010 15:50:40 -0700

You're REALLY close to having this working! :)

It looks like you figured out how to send as root_at_domain.net. So at this
point, don't change anything with your MTA. Just focus on DKIM signing, and
on your DNS settings.

 

I just checked your DNS entry:

 

[root_at_carbonfiber ~]# host -t TXT mail._domainkey.marlborosurvey.net

mail._domainkey.marlborosurvey.net descriptive text "v=DKIM1\; k=rsa\;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGAq3ldG6D1fJiWoXPDpKg9dx42LhQysLAgM
wo7cDrBiPMJ9jKh/YIAPAdFm6lHMWOQiL+IryQH+XCMSecdEj67Uw+EIxMgVT/KNQAH9Lqax8YnM
5f91XZrazHLfa8U+bzHrSw15VhXCe9wb+sDtSa3E39naEY7nW5EJRCnCEm0QIDAQAB"

 

And that looks good for sending as root_at_marlborosurvey.net.

 

Now you need to make sure that your key is set up for just marlborosurvey.net.
This last test says you did:

 

d=mail.marlborosurvey.net

 

Make sure you've created a key for just the domain without any hostnames,
then make sure your keyTable and signingTable are set to sign with that key,
and give it another test.

 

It should work!

 

SJ

 

 

From: Jason Clint [mailto:nosaj_17_at_hotmail.com]
Sent: Tuesday, October 26, 2010 3:43 PM
To: steve_at_stevejenkins.com
Cc: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem

 

Looks like the same issue, if that test site is correct. I only actually
see the from address set as root_at_domain.com though, is that why you are
saying it's failing?

  _____

From: nosaj_17_at_hotmail.com
To: steve_at_stevejenkins.com
CC: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Date: Tue, 26 Oct 2010 22:39:34 +0000

Got this from that test:


DKIM Information:

DKIM Signature

Message contains this DKIM Signature:

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
        d=mail.marlborosurvey.net; s=mail; t=1288132621;
        bh=frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=;
        h=Date:From:Message-Id:To;
        z=Date:=20Tue,=2026=20Oct=202010=2016:37:01=20-0600|From:=20root=20
         |Message-Id:=20<201010262237.o9QMb1x
         d008348_at_mail.marlborosurvey.net>|To:=20pYYPEv3cs7_at_www.brandoncheck
         etts.com;
        b=ne4uSkDYbE9cwS65BJsfiYwuO8l72lDmfMq+YCiolZbgD/uJkwD8A2IB6Gd/SpUDS
         AdmOgDoHFEtSVf8hn9Rz/eRfEgfKhLbPWQwKGrmRetfcoWRrTOKKU5WY62woqEW33t
         wKLRe0J+bP379N06IOqps9RRSpsGU5IIWYzUcVW0=

Signature Information:

v= Version: 1
a= Algorithm: rsa-sha256
c= Method: relaxed/simple
d= Domain: mail.marlborosurvey.net
s= Selector: mail
q= Protocol:
bh= frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=
h= Signed Headers: Date:From:Message-Id:To
b= Data: ne4uSkDYbE9cwS65BJsfiYwuO8l72lDmfMq+YCiolZbgD/uJkwD8A2IB6Gd/SpUDS
         AdmOgDoHFEtSVf8hn9Rz/eRfEgfKhLbPWQwKGrmRetfcoWRrTOKKU5WY62woqEW33t
         wKLRe0J+bP379N06IOqps9RRSpsGU5IIWYzUcVW0=

Public Key DNS Lookup

Building DNS Query for mail._domainkey.mail.marlborosurvey.net
Retrieved this publickey from DNS:

Validating Signature

result = invalid
Details: public key: not available


and the email itself:

Return-Path: <root_at_marlborosurvey.net>
X-Original-To: pYYPEv3cs7_at_www.brandonchecketts.com
Delivered-To: spamapp_at_www.brandonchecketts.com
Received: from mail.marlborosurvey.net (mail.marlborosurvey.net [64.0.29.71])
        by www.brandonchecketts.com (Postfix) with ESMTP id C2E252429F
        for <pYYPEv3cs7_at_www.brandonchecketts.com>; Tue, 26 Oct 2010 18:37:00 -0400 (EDT)
Received: from mail.marlborosurvey.net (localhost.localdomain [127.0.0.1])
        by mail.marlborosurvey.net (8.14.4/8.14.4) with ESMTP id o9QMb1T3008349
        for <pYYPEv3cs7_at_www.brandonchecketts.com>; Tue, 26 Oct 2010 16:37:01 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
        d=mail.marlborosurvey.net; s=mail; t=1288132621;
        bh=frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=;
        h=Date:From:Message-Id:To;
        z=Date:=20Tue,=2026=20Oct=202010=2016:37:01=20-0600|From:=20root=20
         <root_at_mail.marlborosurvey.net>|Message-Id:=20<201010262237.o9QMb1x
         d008348_at_mail.marlborosurvey.net>|To:=20pYYPEv3cs7_at_www.brandoncheck
         etts.com;
        b=ne4uSkDYbE9cwS65BJsfiYwuO8l72lDmfMq+YCiolZbgD/uJkwD8A2IB6Gd/SpUDS
         AdmOgDoHFEtSVf8hn9Rz/eRfEgfKhLbPWQwKGrmRetfcoWRrTOKKU5WY62woqEW33t
         wKLRe0J+bP379N06IOqps9RRSpsGU5IIWYzUcVW0=
Received: (from root_at_localhost)
        by mail.marlborosurvey.net (8.14.4/8.14.4/Submit) id o9QMb1xd008348
        for pYYPEv3cs7_at_www.brandonchecketts.com; Tue, 26 Oct 2010 16:37:01 -0600
Date: Tue, 26 Oct 2010 16:37:01 -0600
From: root <root_at_marlborosurvey.net>
Message-Id: <201010262237.o9QMb1xd008348_at_mail.marlborosurvey.net>
To: pYYPEv3cs7_at_www.brandonchecketts.com

 

  _____

From: steve_at_stevejenkins.com
To: nosaj_17_at_hotmail.com
CC: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Date: Tue, 26 Oct 2010 15:34:21 -0700

Hey, Jason. I also like using this to test:

 

http://www.brandonchecketts.com/emailtest.php

 

SteveJ

 

From: opendkim-users-bounce_at_lists.opendkim.org
[mailto:opendkim-users-bounce_at_lists.opendkim.org] On Behalf Of Jason Clint
Sent: Tuesday, October 26, 2010 3:21 PM
To: tlyons_at_ivenue.com
Cc: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem

 

apparently sendmail is starting to get sick of me:

Oct 26 16:16:03 mail sendmail[6668]: o9QMG3VX006668: from=root, size=26,
class=0, nrcpts=1,
msgid=<201010262216.o9QMG3VX006668_at_mail.marlborosurvey.net>,
relay=root_at_localhost
Oct 26 16:16:03 mail sendmail[6669]: o9QMG3SJ006669:
from=<root_at_mail.marlborosurvey.net>, size=332, class=0, nrcpts=1,
msgid=<201010262216.o9QMG3VX006668_at_mail.marlborosurvey.net>, proto=ESMTP,
daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Oct 26 16:16:03 mail sendmail[6669]: o9QMG3SJ006669: Milter insert (1):
header: DKIM-Signature: v=1; a=rsa-sha256;
c=relaxed/simple;\n\td=mail.marlborosurvey.net; s=mail;
t=1288131363;\n\tbh=frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=;\n\th=Date:
From:Message-Id:To;\n\tz=Date:=20Tue,=2026=20Oct=202010=2016:16:03=20-0600|F
rom:=20root=20\n\t
<root_at_mail.marlborosurvey.net>|Message-Id:=20<201010262216.o9QMG3V\n\t
X006668_at_mail.marlborosurvey.net>|To:=20sa-test_at_sendmail.net;\n\tb=DQ8aTRbSD2
BwKTo8DQoqyrPbFs5xoDkQIodZmuJvfJ93GGUfANjXoTSGINdS14EGN\n\t
F4BeCntzj1A7GW1qeEWXIi2cbT6/I4L3AAzWkqkutS5hxm/76ljxZ4lX8bnK5ma6jz\n\t
t+V/MnxHKfbnU8quKhQHzjnxqHLTegIF30b40eEw=
Oct 26 16:16:03 mail sendmail[6668]: o9QMG3VX006668:
to=sa-test_at_sendmail.net, ctladdr=root (0/0), delay=00:00:00,
xdelay=00:00:00, mailer=relay, pri=30026, relay=[127.0.0.1] [127.0.0.1],
dsn=2.0.0, stat=Sent (o9QMG3SJ006669 Message accepted for delivery)
Oct 26 16:16:04 mail sendmail[6672]: STARTTLS=client,
relay=smtp.sendmail.net., version=TLSv1/SSLv3, verify=FAIL,
cipher=DHE-RSA-AES256-SHA, bits=256/256
Oct 26 16:16:05 mail sendmail[6672]: o9QMG3SJ006669:
to=<sa-test_at_sendmail.net>, ctladdr=<root_at_mail.marlborosurvey.net> (0/0),
delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=120332,
relay=smtp.sendmail.net. [209.246.26.21], dsn=4.0.0, stat=Deferred: 451
4.3.2 Please try again later


I will have to check on it in a minute!

  _____

From: nosaj_17_at_hotmail.com
To: tlyons_at_ivenue.com
CC: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Date: Tue, 26 Oct 2010 22:17:29 +0000

Just so you know, it's not what's in the log that bothers me but the response I
get back from sa-test_at_sendmail.net which is.......check that, I just
looked at the last log entry and saw this:

We hope this service has been helpful to you.

Authentication System: DomainKeys Identified Mail
   Result: DKIM signature confirmed GOOD
   Description: Signature verified, message arrived intact
   Reporting host: sendmail.net
   More information: http://mipassoc.org/dkim/
   Sendmail milter: https://sourceforge.net/projects/dkim-milter/


give me a second while I verify if it's right and I didn't just doze off and
dream it started working.



> Date: Tue, 26 Oct 2010 15:11:27 -0700
> Subject: Re: Signing problem
> From: tlyons_at_ivenue.com
> To: nosaj_17_at_hotmail.com
> CC: opendkim-users_at_lists.opendkim.org
>
> On Tue, Oct 26, 2010 at 2:24 PM, Jason Clint <nosaj_17_at_hotmail.com> wrote:
> > Another update, setting the Domain to
> > marlborosurvey.net,mail.marlborosurvey.net gets rid of the other error:
> > Oct 26 15:07:44 mail opendkim[6446]: o9QL7iJ8006451: no signing domain match
> > for `mail.marlborosurvey.net'
>
> I just wanted to point out that what you are seeing is not an "error",
> it's debug output caused by the "LogWhy" statement being enabled in
> your opendkim configuration.
>
> Murray, maybe a log identifier to indicate it's debug output and not
> an error would be beneficial. I'm torn though...
>
> --
> Regards... Todd
> I seek the truth...it is only persistence in self-delusion and
> ignorance that does harm. -- Marcus Aurealius
>
>
Received on Tue Oct 26 2010 - 23:03:20 PST
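
Added example (not part of the original thread and not OpenDKIM code): a Python sketch of the check this thread walks through, deriving the DNS name a verifier queries from the signature's s= and d= tags and comparing it with the name where the key is published. The sample header and From line are constructed from the values quoted in the thread, with b= replaced by a placeholder; all function names are hypothetical.

```python
import re

# Constructed sample: the DKIM-Signature value quoted in the thread, unfolded,
# with the b= signature data replaced by a placeholder.
SAMPLE_SIG = ("v=1; a=rsa-sha256; c=relaxed/simple; d=mail.marlborosurvey.net; "
              "s=mail; t=1288132621; h=Date:From:Message-Id:To; b=PLACEHOLDER")
SAMPLE_FROM = "root <root@marlborosurvey.net>"  # constructed From header
# Name at which the thread's `host -t TXT` lookup found a key record.
PUBLISHED = {"mail._domainkey.marlborosurvey.net"}


def parse_tags(value):
    """Split a DKIM tag=value list into a dict keyed by tag name."""
    tags = {}
    for part in value.split(";"):
        if "=" not in part:
            continue  # skip empty trailing segments
        name, _, val = part.partition("=")
        # Header folding leaves whitespace inside values; drop it.
        tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags


def key_query_name(tags):
    """DNS name a verifier looks up: <selector>._domainkey.<signing domain>."""
    return f"{tags['s']}._domainkey.{tags['d']}".lower()


def from_domain(from_header):
    """Domain part of the first address found in a From header, or None."""
    m = re.search(r"@([A-Za-z0-9.-]+)", from_header)
    return m.group(1).lower() if m else None


def diagnose(sig_value, from_header, published):
    """Report where the key is looked up and whether d= matches the author."""
    tags = parse_tags(sig_value)
    qname = key_query_name(tags)
    return {
        "query_name": qname,
        "key_published": qname in published,
        "d_matches_from": tags["d"].lower() == from_domain(from_header),
    }


if __name__ == "__main__":
    print(diagnose(SAMPLE_SIG, SAMPLE_FROM, PUBLISHED))
```

With d=mail.marlborosurvey.net the lookup goes to mail._domainkey.mail.marlborosurvey.net, where nothing is published, which is the "public key: not available" result shown in the test output.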
