Re: DKIM - InternalHosts

From: John Espiro <john_espiro_at_yahoo.com>
Date: Wed, 26 Jan 2011 01:01:38 +0100

Hi Murray -
Thanks for your reply.

The Domain line looks like:
Domain domainA.com,domainB.com

There's no space after the comma (I had read a while ago that there were
problems with a space). So I wonder what else it could be...

Re: the MTA issue, I'll take a look at my sendmail config - that should
be an easy fix.

John

On 1/26/2011 12:09 AM, Murray S. Kucherawy wrote:
>
> Is there a space around the comma in the Domain line? I can't tell
> from the way this MUA formats your mail. If there is, try without it.
>
> The issue is that "DomainB.com" doesn't appear to be in the domain
> list. It sees that in your From: but not in the list of domains to
> sign. Prior to v2.3.0, spaces weren't discarded in the Domain value
> which can unfortunately lead to mismatches.
>
> "no MTA name match" means the MTA connecting to the filter didn't
> announce its name as "MSA", matching what you have configured.
>
> The message would be signed if either of those were true.
>
> *From:*opendkim-users-bounce_at_lists.opendkim.org
> [mailto:opendkim-users-bounce_at_lists.opendkim.org] *On Behalf Of *John
> Espiro
> *Sent:* Tuesday, January 25, 2011 2:54 PM
> *To:* opendkim-users_at_lists.opendkim.org
> *Subject:* DKIM - InternalHosts
>
> Hi there -
>
> Sorry for the length of this message, however I wanted to fit as much
> data in to describe the issue I am having...
>
> I had been using DKIM-milter and switched to OpenDKIM just recently. I
> have 2 domains: domainA.com and domainB.com.
>
> My server handles email for both, and I use mail.domainA.com as my
> outgoing server for both. (mail.domainA.com is a pointer for domainA.com).
>
> From Thunderbird, via my home connection (sending with the outgoing
> smtp as mail.domainA.com) from domainB.com as the "from", I see the
> following:
>
> Jan 25 22:39:59 opendkim[21561]: p0PMdtQh021667: no MTA name match
> Jan 25 22:39:59 opendkim[21561]: p0PMdtQh021667: no signing domain
> match for `DomainB.com'
> Jan 25 22:39:59 opendkim[21561]: p0PMdtQh021667: no signing subdomain
> match for `DomainB.com'
> Jan 25 22:39:59 opendkim[21561]: p0PMdtQh021667: no signature data
>
> Sending via my webmail, I see OpenDKIM working perfectly.
>
> From thunderbird, via my home connection (sending with the outgoing
> smtp as mail.domainA.com) from domainA.com as the "from", I see
> OpenDKIM working perfectly. Although it does say " no MTA name match".
>
> 1.) What do I need to configure so that sending with domainB.com works?
> 2.) What does " no MTA name match" mean and how can I fix it?
>
> cat /etc/opendkim.conf:
>
> Syslog yes
> UMask 002
> Canonicalization relaxed/simple
> KeyFile /var/db/dkim/mail.key.pem
> MTA MSA
> Selector mail
> Socket inet:8891_at_localhost
> SignatureAlgorithm rsa-sha256
> Syslog Yes
> Userid opendkim
> X-Header Yes
> Mode sv
> InternalHosts /etc/dkim-internal-hosts
> LogWhy True
>
> cat /etc/dkim-internal-hosts:
>
> ip address of domainA.com
> ip address of domainB.com
> 127.0.0.1/8
>
>
> John
>
Received on Wed Jan 26 2011 - 00:06:28 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:15 PST