Ok give me a little bit to read through this, gonna have to do it after I pick up my kids though. I will post back afterwards.
From: steve_at_stevejenkins.com
To: nosaj_17_at_hotmail.com
CC: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Date: Tue, 26 Oct 2010 16:02:51 -0700
Jason:
This might help:
http://stevejenkins.com/blog/2010/09/how-to-get-dkim-domainkeys-identified-mail-working-on-centos-5-5-and-postfix-using-opendkim/
It’s tailored toward Postfix users, but the OpenDKIM side of
this tutorial will be the same for you no matter which MTA you use.
I just update it today for the 2.2.1 version. J
SteveJ
From: Jason Clint
[mailto:nosaj_17_at_hotmail.com]
Sent: Tuesday, October 26, 2010 3:58 PM
To: steve_at_stevejenkins.com
Cc: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Ok so when I checked my dns it is set for
the domain without hostnames, I have a cname setup to point
mail.marlborosurvey.net to marlborosurvey.net but the actual mail._domainkey is
set to just marlborosurvey.net? Also I am confused what you guys mean by
keyTable and signingTable? Is that an option in the conf file?
From: steve_at_stevejenkins.com
To: nosaj_17_at_hotmail.com
CC: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Date: Tue, 26 Oct 2010 15:50:40 -0700
You’re REALLY close to having
this working! J
It looks like you figured out how to send as root_at_domain.net. So at this point, don’t change
anything with your MTA. Just focus on DKIM signing, and on your DNS settings.
I just checked your DNS entry:
[root_at_carbonfiber ~]# host -t TXT
mail._domainkey.marlborosurvey.net
mail._domainkey.marlborosurvey.net descriptive text
"v=DKIM1\; k=rsa\;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGAq3ldG6D1fJiWoXPDpKg9dx42LhQysLAgMwo7cDrBiPMJ9jKh/YIAPAdFm6lHMWOQiL+IryQH+XCMSecdEj67Uw+EIxMgVT/KNQAH9Lqax8YnM5f91XZrazHLfa8U+bzHrSw15VhXCe9wb+sDtSa3E39naEY7nW5EJRCnCEm0QIDAQAB"
And that looks good for sending as root_at_marlborosurvey.net.
Now you need to make sure that your key is setup for just
marlborosurvey.net This last test says you did:
d=mail.marlborosurvey.net
Make sure you’ve created a key for just the domain without any
hostnames, then make sure your keyTable and signingTable are set to sign with
that key, and give it another test.
It should work!
SJ
From: Jason Clint
[mailto:nosaj_17_at_hotmail.com]
Sent: Tuesday, October 26, 2010 3:43 PM
To: steve_at_stevejenkins.com
Cc: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Looks like the same issue, if that test site
is correct. I only actually see the from address set as root_at_domain.com though
is that why you are saying its failing?
From: nosaj_17_at_hotmail.com
To: steve_at_stevejenkins.com
CC: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Date: Tue, 26 Oct 2010 22:39:34 +0000
Got this from that test:
DKIM Information:
DKIM Signature
Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=mail.marlborosurvey.net; s=mail; t=1288132621;
bh=frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=;
h=Date:From:Message-Id:To;
z=Date:=20Tue,=2026=20Oct=202010=2016:37:01=20-0600|From:=20root=20
|Message-Id:=20<201010262237.o9QMb1x
d008348_at_mail.marlborosurvey.net>|To:=20pYYPEv3cs7_at_www.brandoncheck
etts.com;
b=ne4uSkDYbE9cwS65BJsfiYwuO8l72lDmfMq+YCiolZbgD/uJkwD8A2IB6Gd/SpUDS
AdmOgDoHFEtSVf8hn9Rz/eRfEgfKhLbPWQwKGrmRetfcoWRrTOKKU5WY62woqEW33t
wKLRe0J+bP379N06IOqps9RRSpsGU5IIWYzUcVW0=
Signature Information:
v= Version: 1
a= Algorithm: rsa-sha256
c= Method: relaxed/simple
d= Domain: mail.marlborosurvey.net
s= Selector: mail
q= Protocol:
bh= frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=
h= Signed Headers: Date:From:Message-Id:To
b= Data: ne4uSkDYbE9cwS65BJsfiYwuO8l72lDmfMq+YCiolZbgD/uJkwD8A2IB6Gd/SpUDS
AdmOgDoHFEtSVf8hn9Rz/eRfEgfKhLbPWQwKGrmRetfcoWRrTOKKU5WY62woqEW33t
wKLRe0J+bP379N06IOqps9RRSpsGU5IIWYzUcVW0=
Public Key DNS Lookup
Building DNS Query for mail._domainkey.mail.marlborosurvey.net
Retrieved this publickey from DNS:
Validating Signature
result = invalid
Details: public key: not available
and the email itself:
Return-Path: <root_at_marlborosurvey.net>
X-Original-To: pYYPEv3cs7_at_www.brandonchecketts.com
Delivered-To: spamapp_at_www.brandonchecketts.com
Received: from mail.marlborosurvey.net (mail.marlborosurvey.net [64.0.29.71])
by www.brandonchecketts.com (Postfix) with ESMTP id C2E252429F
for <pYYPEv3cs7_at_www.brandonchecketts.com>; Tue, 26 Oct 2010 18:37:00 -0400 (EDT)
Received: from mail.marlborosurvey.net (localhost.localdomain [127.0.0.1])
by mail.marlborosurvey.net (8.14.4/8.14.4) with ESMTP id o9QMb1T3008349
for <pYYPEv3cs7_at_www.brandonchecketts.com>; Tue, 26 Oct 2010 16:37:01 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=mail.marlborosurvey.net; s=mail; t=1288132621;
bh=frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=;
h=Date:From:Message-Id:To;
z=Date:=20Tue,=2026=20Oct=202010=2016:37:01=20-0600|From:=20root=20
<root_at_mail.marlborosurvey.net>|Message-Id:=20<201010262237.o9QMb1x
d008348_at_mail.marlborosurvey.net>|To:=20pYYPEv3cs7_at_www.brandoncheck
etts.com;
b=ne4uSkDYbE9cwS65BJsfiYwuO8l72lDmfMq+YCiolZbgD/uJkwD8A2IB6Gd/SpUDS
AdmOgDoHFEtSVf8hn9Rz/eRfEgfKhLbPWQwKGrmRetfcoWRrTOKKU5WY62woqEW33t
wKLRe0J+bP379N06IOqps9RRSpsGU5IIWYzUcVW0=
Received: (from root_at_localhost)
by mail.marlborosurvey.net (8.14.4/8.14.4/Submit) id o9QMb1xd008348
for pYYPEv3cs7_at_www.brandonchecketts.com; Tue, 26 Oct 2010 16:37:01 -0600
Date: Tue, 26 Oct 2010 16:37:01 -0600
From: root <root_at_marlborosurvey.net>
Message-Id: <201010262237.o9QMb1xd008348_at_mail.marlborosurvey.net>
To: pYYPEv3cs7_at_www.brandonchecketts.com
From: steve_at_stevejenkins.com
To: nosaj_17_at_hotmail.com
CC: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Date: Tue, 26 Oct 2010 15:34:21 -0700
Hey, Jason. I also like using this to test:
http://www.brandonchecketts.com/emailtest.php
SteveJ
From:
opendkim-users-bounce_at_lists.opendkim.org [mailto:opendkim-users-bounce_at_lists.opendkim.org]
On Behalf Of Jason Clint
Sent: Tuesday, October 26, 2010 3:21 PM
To: tlyons_at_ivenue.com
Cc: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
apparently sendmail is starting to get sick
of me:
Oct 26 16:16:03 mail sendmail[6668]: o9QMG3VX006668: from=root, size=26,
class=0, nrcpts=1,
msgid=<201010262216.o9QMG3VX006668_at_mail.marlborosurvey.net>,
relay=root_at_localhost
Oct 26 16:16:03 mail sendmail[6669]: o9QMG3SJ006669:
from=<root_at_mail.marlborosurvey.net>, size=332, class=0, nrcpts=1,
msgid=<201010262216.o9QMG3VX006668_at_mail.marlborosurvey.net>, proto=ESMTP,
daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Oct 26 16:16:03 mail sendmail[6669]: o9QMG3SJ006669: Milter insert (1): header:
DKIM-Signature: v=1; a=rsa-sha256;
c=relaxed/simple;\n\td=mail.marlborosurvey.net; s=mail;
t=1288131363;\n\tbh=frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=;\n\th=Date:From:Message-Id:To;\n\tz=Date:=20Tue,=2026=20Oct=202010=2016:16:03=20-0600|From:=20root=20\n\t
<root_at_mail.marlborosurvey.net>|Message-Id:=20<201010262216.o9QMG3V\n\t
X006668_at_mail.marlborosurvey.net>|To:=20sa-test_at_sendmail.net;\n\tb=DQ8aTRbSD2BwKTo8DQoqyrPbFs5xoDkQIodZmuJvfJ93GGUfANjXoTSGINdS14EGN\n\t
F4BeCntzj1A7GW1qeEWXIi2cbT6/I4L3AAzWkqkutS5hxm/76ljxZ4lX8bnK5ma6jz\n\t
t+V/MnxHKfbnU8quKhQHzjnxqHLTegIF30b40eEw=
Oct 26 16:16:03 mail sendmail[6668]: o9QMG3VX006668: to=sa-test_at_sendmail.net,
ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30026,
relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (o9QMG3SJ006669 Message
accepted for delivery)
Oct 26 16:16:04 mail sendmail[6672]: STARTTLS=client, relay=smtp.sendmail.net.,
version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Oct 26 16:16:05 mail sendmail[6672]: o9QMG3SJ006669:
to=<sa-test_at_sendmail.net>, ctladdr=<root_at_mail.marlborosurvey.net>
(0/0), delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=120332,
relay=smtp.sendmail.net. [209.246.26.21], dsn=4.0.0,
stat=Deferred: 451 4.3.2 Please try again later
I will have to check on it in a minute!
From:
nosaj_17_at_hotmail.com
To: tlyons_at_ivenue.com
CC: opendkim-users_at_lists.opendkim.org
Subject: RE: Signing problem
Date: Tue, 26 Oct 2010 22:17:29 +0000
Just so you know its not whats in the log that bothers me but the response I
get back from sa-test_at_sendmail.net which is.......check that, I just looked
at the last log entry and saw this:
We hope this service has been helpful to you.
Authentication System: DomainKeys Identified
Mail
Result:
DKIM signature confirmed GOOD
Description:
Signature verified, message arrived intact
Reporting
host:
sendmail.net
More information:
http://mipassoc.org/dkim/
Sendmail
milter:
https://sourceforge.net/projects/dkim-milter/
give me a second while I verify if its right and I didn't just doze off and
dream it started working.
> Date: Tue, 26 Oct 2010 15:11:27 -0700
> Subject: Re: Signing problem
> From: tlyons_at_ivenue.com
> To: nosaj_17_at_hotmail.com
> CC: opendkim-users_at_lists.opendkim.org
>
> On Tue, Oct 26, 2010 at 2:24 PM, Jason Clint <nosaj_17_at_hotmail.com>
wrote:
> > Another update, setting the Domain to
> > marlborosurvey.net,mail.marlborosurvey.net gets rid of the other
errro:
> > Oct 26 15:07:44 mail opendkim[6446]: o9QL7iJ8006451: no signing
domain match
> > for `mail.marlborosurvey.net'
>
> I just wanted to point out that what you are seeing is not an
"error",
> it's debug output caused by the "LogWhy" statement being enabled
in
> your opendkim configuration.
>
> Murray, maybe a log identifier to indicate it's debug output and not
> an error would be beneficial. I'm torn though...
>
> --
> Regards... Todd
> I seek the truth...it is only persistence in self-delusion and
> ignorance that does harm. -- Marcus Aurealius
>
>
Received on Tue Oct 26 2010 - 23:07:50 PST