Thanks guys...
1) It's just getting loged and OSSEC is sending out an alert everytime this happens, which is a few times an hour. These are all spam messages from what I can tell so my antispam thing is taking care of them.
2) I don't seem to have On-KeyNotFound. I have the following:
On-Default accept
On-BadSignature accept
On-DNSError tempfail
On-InternalError accept
On-NoSignature accept
On-Security tempfail
Should I add it? Should I modify the on-DNSError one?
On Saturday, January 25, 2014 12:27 AM, Murray S. Kucherawy <msk_at_blackops.org> wrote:
On Fri, 24 Jan 2014, john espiro wrote:
> I keep seeing errors in my logs that say things like this:
> opendkim[23395]: s0OGvk7d005863: key retrieval failed (s=key1, d=pLNoauBPhu.if
> feent.net)
> Google searches only seem to indicate that I can solve this by adding: "On-DNS
> Error accept"
> Can anyone tell me why this error occurs, if I should add that option, and wha
> t the ramifications of doing so are?
There isn't a key in the DNS by that name. OpenDKIM should just deliver
that message since the default for On-KeyNotFound defaults to the "accept"
action.
Is the issue that you're seeing this logged, or that messages are being
temp-failed or rejected?
-MSK
Received on Sat Jan 25 2014 - 04:24:45 PST
This archive was generated by hypermail 2.3.0
: Sat Jan 25 2014 - 04:27:02 PST