RE: Added SMTP-AUTH / TLS now mail doesn't sign from Steve Jenkins on 2010-11-09 (OpenDKIM Users mailing list)

From: Steve Jenkins <steve_at_stevejenkins.com>
Date: Tue, 9 Nov 2010 15:55:29 -0800

Rebuilding keys with:

-s selector

And then updating everything from "default" to "selector" did the trick.
Thanks, all! Dunno what got hosed, but at least I'm signing again ;)

SJ

-----Original Message-----
From: opendkim-users-bounce_at_lists.opendkim.org
[mailto:opendkim-users-bounce_at_lists.opendkim.org] On Behalf Of Steve Jenkins
Sent: Tuesday, November 09, 2010 3:50 PM
To: 'SM'
Cc: opendkim-users_at_lists.opendkim.org
Subject: RE: Added SMTP-AUTH / TLS now mail doesn't sign

Thanks SM - but the domain with which I'm subscribed to this list isn't the
one having problems. It's one of my work servers. :(

I'm gonna wait the 3600 seconds to see if the cache times out and starts
working. :) If that doesn't work, I'll change the selector and see how that
goes.

Thanks,

SJ

-----Original Message-----
From: SM [mailto:sm_at_resistor.net]
Sent: Tuesday, November 09, 2010 3:44 PM
To: Steve Jenkins
Cc: opendkim-users_at_lists.opendkim.org
Subject: Re: Added SMTP-AUTH / TLS now mail doesn't sign

Hi Steve,
At 15:19 09-11-10, Steve Jenkins wrote:
>I don't know if it's correlated at all or not, but my outgoing mail stopped
>signing today. I'm now getting:
>
>result = fail
>Details: bad RSA signature
>
>When I send a test message to Brandon Chekett's test site.
>
>The only thing I did was add SMTP-AUTH and TLS to the mail server today, to
>allow me to send signed mail from Outlook through the server. But that
>shouldn't have had anything to do with the DKIM keys, right?

SMTP AUTH and/or TLS should not break your DKIM signature.

The message you posted to this mailing list was successfully (DKIM)
verified.

At 15:38 09-11-10, Steve Jenkins wrote:
>It gets stranger....
>
>I sent test messages to 5 places:
>
>Gmail - fail
>BrandonChecketts.com - fail
>check-auth_at_verifier.port25.com - pass
>autorespond+dkim_at_dk.elandsys.com - pass
>sa-test_at_sendmail.net - pass
>
>
>Any ideas as to why it would flunk two and pass three? Problem is, the two
>it flunked at the two I trust most. Any chance it's cached the DNS records
>from before I updated them? :)

You are using the same selector and you changed the DNS record. Some
verifiers might be using the "cached" DNS record.

Regards,
-sm
Received on Tue Nov 09 2010 - 23:55:37 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:19:49 PST