On 6/12/2011 9:33 μμ, SM wrote:
>> ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
>
> You do not need the above.
>
>> then /etc/opendkim/TrustedHosts should be:
>>
>> 127.0.0.1
>
> Put in that IP address only.
>
Thank you all for your advice.
I've set it up according to your instructions and signatures are
inserted correctly (it should be also included in this mail message).
However, verification tests fail.
For example, from
http://www.brandonchecketts.com/emailtest.php I get:
Public Key DNS Lookup
Building DNS Query for default._domainkey.noa.gr
Retrieved this publickey from DNS:
Validating Signature
result = invalid
Details: public key: not available
But if I query DNS directly, I get results:
# dig default._domainkey.noa.gr ANY
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>>
default._domainkey.noa.gr ANY
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38377
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;default._domainkey.noa.gr. IN ANY
;; ANSWER SECTION:
default._domainkey.noa.gr. 86400 IN TXT "v=DKIM1\; r=postmaster\; g=*\;
k=rsa\;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuCuX6f5H5ojS7CSr2ieppyq+8cavQZvnxYqp7+tRfuGxQoSnOIRF8mdYYkc+W6Zv6d8iGxBSLdzC2I0V7qsrXxTPv+vuASc3q2s6QgEtQzxM9Anz1UHSh+JnW/Oyw8h6bTiIbNIZVoJFFBnCAdU9XUETgIp/TTS7FIe6L/2L45wIDAQAB"
;; Query time: 3 msec
;; SERVER: 195.251.204.236#53(195.251.204.236)
;; WHEN: Wed Dec 7 10:32:46 2011
;; MSG SIZE rcvd: 309
and:
# dig _adsp._domainkey.noa.gr ANY
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1 <<>>
_adsp._domainkey.noa.gr ANY
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11759
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;_adsp._domainkey.noa.gr. IN ANY
;; ANSWER SECTION:
_adsp._domainkey.noa.gr. 86400 IN TXT "dkim=unknown"
;; Query time: 2 msec
;; SERVER: 195.251.204.236#53(195.251.204.236)
;; WHEN: Wed Dec 7 10:38:32 2011
;; MSG SIZE rcvd: 66
What may be wrong?
Thanks again,
Nick
Received on Wed Dec 07 2011 - 08:41:30 PST