Hi,
I recently setup our MX to sign outgoing mails. I am using postfix and
opendkim on debian wheezy.
It used to work just fine for the main domains medical-city.[de|eu] we use.
Several days later I added similar setup for a further domain and it
seemed I mixed something up while doing so.
This morning a got a bounce from hotmail and I suppose it's due to the
mail setup stopped signing my outgoing e-mail (DMARC records, though
action=none).
In spite everything seemed ok for me on the first hand, I decided to
setup new keys for the two effected domains and changed DNS records
correspondingly.
However, still no success :(.
It still works for the new domain (voll-tbl) I added recently but no
more for the main domains :(. Current setup:
---cut opendkim.conf---
Domain medical-city.eu
KeyFile /etc/mail/medicalEU.private
Selector medicaleu
Domain medical-city.de
KeyFile /etc/mail/medicalDE.privat
Selector medicalde
Domain voll-tbl.de
KeyFile /etc/mail/voll-tbl.key
Selector voll-tbl
---cut---
root_at_www:/etc/mail# ls -l
total 40K
-rw------- 1 opendkim opendkim 887 Sep 23 10:06 medicalDE.private
-rw------- 1 root root 317 Sep 23 10:06 medicalDE.txt
-rw------- 1 opendkim opendkim 887 Sep 23 10:06 medicalEU.private
-rw------- 1 root root 317 Sep 23 10:19 medicalEU.txt
-rw------- 1 opendkim opendkim 887 Sep 12 18:14 voll-tbl.key
-rw------- 1 root root 306 Sep 12 18:14 voll-tbl.txt
---cut---
Domainkey from DNS:
---cut---
root_at_www:/etc/mail# dig medicalde._domainkey.medical-city.de TXT
....
;; ANSWER SECTION:
medicalde._domainkey.medical-city.de. 86400 IN TXT "v=DKIM1\; k=rsa\;
t=y\;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDR08BctnDo6HjyBD9Bf1UKpxqRBhpPNHFxj9lEWR8az7ybAkpKO3ZYl2oBq1TZzEIWgl8GG4ITQ1z1/iLVdPQ8DirDdyx6BLwdUYQVmMIzOogXiMmx9kVSckwDV3xJGIoq0ErG8wB2b8kLd2eslRErVBlvTLBqNXNPdptIPw9JSwIDAQAB"
---cut---
---cut contens of local public file---
root_at_www:/etc/mail# cat medicalDE.txt
medicalDE._domainkey IN TXT "v=DKIM1; k=rsa; t=y;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDR08BctnDo6HjyBD9Bf1UKpxqRBhpPNHFxj9lEWR8az7ybAkpKO3ZYl2oBq1TZzEIWgl8GG4ITQ1z1/iLVdPQ8DirDdyx6BLwdUYQVmMIzOogXiMmx9kVSckwDV3xJGIoq0ErG8wB2b8kLd2eslRErVBlvTLBqNXNPdptIPw9JSwIDAQAB"
; ----- DKIM key medicalDE for medical-city.de
---cut---
Using LogWhy syslog returns:
---cut---
Sep 23 11:08:23 www postfix/cleanup[2788]: 2C55F1880F6C:
message-id=<52400506.6020401_at_medical-city.de>
Sep 23 11:08:23 www opendkim[2352]: 2C55F1880F6C: no signing domain
match for 'medical-city.de'
Sep 23 11:08:23 www opendkim[2352]: 2C55F1880F6C: no signing subdomain
match for 'medical-city.de'
Sep 23 11:08:23 www opendkim[2352]: 2C55F1880F6C: no signature data
---cut---
Any idea why opendkim can't find the corresponding domain would be
greatly appreciated, TIA.
--
- maik
Received on Mon Sep 23 2013 - 09:37:38 PST