Hello,
I am using OpenDKIM 2.4.2 with Postfix 2.9.1 (on CentOS 5.8 x86_64).
I have configured a SigningTable of the form:
*_at_example.com default._domainkey.example.com
*_at_admin.example.com default._domainkey.example.com
*_at_tech.example.com default._domainkey.example.com
...
The question is: Do I need to define *for each and every subdomain*
separate (but otherwise identical) DNS entries of the form:
default._domainkey.example.com. 86400 IN TXT "v=DKIM1\;
r=postmaster\; g=*\; k=rsa\; p=MIGfMA0xGC.......................SqGSIb3DQB"
default._domainkey.admin.example.com. 86400 IN TXT "v=DKIM1\;
r=postmaster\; g=*\; k=rsa\; p=MIGfMA0xGC.......................SqGSIb3DQB"
default._domainkey.tech.example.com. 86400 IN TXT "v=DKIM1\;
r=postmaster\; g=*\; k=rsa\; p=MIGfMA0xGC.......................SqGSIb3DQB"
...
or is it enough to define only one DNS entry, just for the root domain?
All the above subdomains (admin, tech) are virtual ones specifying a
separate MX record.
Until now I am using the latter approach (only one DNS record) and I
have not had any problems, but now mail from userx_at_tech.example.com is
rejected by a particular domain, with the message:
host remote.server said: 550 Message does not match its signature (in
reply to end of DATA command)
The remote server identifies itself as: ESMTP Exim 4.72
Can you please shed some light on the above?
Thanks and Regards,
Nick
Received on Fri Jul 13 2012 - 07:37:43 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:20:41 PST