RE: Can't get opendkim to sign my outbound messages

From: John Karr <brainbuz_at_brainbuz.org>
Date: Mon, 20 Dec 2010 23:40:04 -0500

I'm not getting a mail.notice log, but here is a transaction from mail.info
for a test message I sent out. The "no signing domain match" is probably
significant, because I do have that domain specified in the list after
Domain in the configuration file.


Dec 21 04:24:12 node postfix/smtpd[5874]: connect from
pool-108-16-8-208.phlapa.fios.verizon.net[108.16.8.208]
Dec 21 04:24:13 node postfix/smtpd[5874]: 43BDB92D3:
client=pool-108-16-8-208.phlapa.fios.verizon.net[108.16.8.208]
Dec 21 04:24:15 node postfix/cleanup[5878]: 43BDB92D3:
message-id=<001201cba0c6$de754ff0$9b5fefd0$_at_org>
Dec 21 04:24:15 node opendkim[4908]: 43BDB92D3 no signing domain match for
`brainbuz.org'
Dec 21 04:24:15 node opendkim[4908]: 43BDB92D3 no signing subdomain match
for `brainbuz.org'
Dec 21 04:24:15 node opendkim[4908]: 43BDB92D3: no signature data
Dec 21 04:24:15 node postfix/qmgr[2299]: 43BDB92D3:
from=<brainbuz_at_brainbuz.org>, size=4138, nrcpt=4 (queue active)
Dec 21 04:24:16 node postfix/smtp[5879]: 43BDB92D3:
to=<donate_at_adamlang.com>, relay=adamlang.com[67.15.157.7]:25, delay=3.4,
delays=2.8/0.01/0.25/0.34, dsn=5.0.0, status=bounced (host
adamlang.com[67.15.157.7] said: 550 SITEGROUND: No Such mailbox here (in
reply to RCPT TO command))
Dec 21 04:24:16 node postfix/smtp[5879]: 43BDB92D3:
to=<treasurer_at_adamlang.com>, relay=adamlang.com[67.15.157.7]:25, delay=3.5,
delays=2.8/0.01/0.25/0.39, dsn=5.0.0, status=bounced (host
adamlang.com[67.15.157.7] said: 550 SITEGROUND: No Such mailbox here (in
reply to RCPT TO command))
Dec 21 04:24:17 node postfix/smtp[5880]: 43BDB92D3: to=<brainbuz_at_gmail.com>,
relay=gmail-smtp-in.l.google.com[74.125.91.27]:25, delay=5,
delays=2.8/0.02/0.38/1.8, dsn=2.0.0, status=sent (250 2.0.0 OK 1292905457
o13si9042750qcu.147)
Dec 21 04:24:18 node postfix/smtpd[5874]: disconnect from
pool-108-16-8-208.phlapa.fios.verizon.net[108.16.8.208]

-----Original Message-----
From: Murray S. Kucherawy [mailto:msk_at_blackops.org]
Sent: Monday, December 20, 2010 12:41 AM
To: John Karr
Subject: RE: Can't get opendkim to sign my outbound messages

On Mon, 20 Dec 2010, John Karr wrote:
> Configuration files and log snippets:
>
> /var/log/mail.log for a message sent (also duplicated in syslog):
> Dec 20 01:32:08 node postfix/smtp[4778]: 4E1EE92D3:
> to=<opendkim-users_at_lists.opendkim.org>,
> relay=megawatt.resistor.net[208.69.177.116]:25, delay=15,
> delays=0.1/0.01/11/4.1, dsn=2.0.0, status=sent (250 2.0.0 oBK1Vw1b006522
> Message accepted for delivery)

Since you have "LogWhy" enabled, there's quite a bit of stuff that
opendkim is sending to syslog but that you apparently aren't saving. The
events are sent at "info"; are you logging at "mail.notice"?

For example, you should be seeing logged items about whether or not the
sending IP address is considered "internal" or not, and whether or not the
From: domain matches a domain in the Domain list or in the SigningTable.

> # object is to sign all messages originating from these domains
> # a single key created using the opendkim-genkey defaults is used.
> Domain brainbuz.info, headtoheadvoting.org, galaxxychamber.com,
brainbuz.org

You might try removing the spaces after the commas. They are probably
being included as part of the values and thus preventing matches.
Received on Tue Dec 21 2010 - 04:40:45 PST