Signing problems with OpenDKIM on Ubuntu

From: Jim Fenton <fenton_at_bluepopcorn.net>
Date: Fri, 19 Apr 2013 23:11:58 -0700

I recently switched from Fedora to Ubuntu (12.10) and upgraded from a
fairly old version of OpenDKIM to the version provided by
quantal-backports (2.6.8). It's verifying signatures just fine, but not
signing. Using OpenDKIM with sendmail (8.14.4-2.1ubuntu1). I'm not
getting any clues from the syslog. Here's what I have tried:

1. Explicitly made sure my mode was "sv"
2. double-checked location and permissions on key file (although if this
was amiss, I would expect something in syslog)
3. Turned on "LogWhy" (and still no clues on signing)
4. Set InternalHosts to 0.0.0.0/0 to make sure that it wasn't because I
was sending from the wrong IP address
5. Changed Domain to xbluepopcorn.net. Then I do get messages in
syslog, e.g.:
Apr 19 22:30:30 kernel opendkim[14486]: r3K5UTNM014503: no signing
domain match for 'bluepopcorn.net'

So it must be intending to sign, but not going through with it.

Any ideas?

Also, I'd like to check my understanding of InternalHosts. Is there a
way to always consider a message coming through the submission port
(587) to be something to sign rather than verify, regardless of source
IP address? How would I specify this, or is it automatic?

-Jim
Received on Sat Apr 20 2013 - 06:11:55 PST