RE: no signing table

> -----Original Message-----
> From: Fabrizio Regalli [mailto:fab_at_mailsicura.org]
> Sent: Friday, March 04, 2011 10:13 AM
> To: Murray S. Kucherawy
> Cc: opendkim-users
> Subject: RE: no signing table
>
> > This means it looked for 'myuser_at_mydomain' and other variants of it
> > in the SigningTable (if you have one) and didn't find a match, so it's
> > not going to sign the message.
>
> If I don't understand bad this is what I expected: in my SigninTable I
> have only my own domains and not "external" domains.

That's right.

"LogWhy" should be on only if you're trying to figure out why mail from your domains isn't being signed. There are several things that can cause mail from your domain not to be signed. They include these important conditions:

1) the mail didn't come from an internal source (this is checked so that someone outside relaying mail through your MTA doesn't get signed even if it has your domain name on it)

2) the mail didn't have a From: domain matching an entry in your SigningTable or Domain list

3) you have subdomain signing enabled, and it didn't find the parent domain of the From: domain in your SigningTable or Domain list

The log message we're talking about here is telling you that (2) was true.

If things are operating properly, you can turn "LogWhy" off because you don't need to figure out which of these two checks isn't producing correct results.

-MSK
Received on Fri Mar 04 2011 - 18:17:21 PST