From: msk@cloudm= ark.com
To: opendkim-users@lists.opendkim.org
Date: Tue=2C 26 Oct 2010 13:36:59 -0700
Subject: RE: Signing problem

Note the log entr= ies for the outgoing message:

 =3B

Oct 26 14:05:40 = mail opendkim[6051]: o9QK5eV3006143: no signing domain match for `mail.marlborosurvey.net'
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: no signing subdomain m= atch for `mail.marlborosurvey.net'

That=92s taken fr= om your From: line in the outgoing mail. =3B And note your configuration:

 =3B

Domain =3B&n= bsp=3B =3B  =3B =3B =3B  =3B =3B =3B =3B =3B =3B =3B =3B  =3B &= nbsp=3B  =3B  =3B marlborosurvey.net

Since those two s= trings don=92t match=2C it=92s not signing.

 =3B

The easiest thing= to do will be to change =93Domain=94 to be =93marlborosurvey.net=2Cmail.marlborosurvey.net=94. =3B Or if you want = to sign for all domains and subdomains=2C you could also set =93Subdomains=94 to =93Tru= e=94.

 =3B

-MSK

 =3B

From: opendkim-users-bounce@lists.opendkim.org [mailto:opendkim-users-bounce@list= s.opendkim.org] On Behalf Of Jason Clint
Sent: Tuesday=2C October 26=2C 2010 1:16 PM
To: opendkim-users@lists.opendkim.org
Subject: Signing problem

 =3B

Ok so I cannot figure this out=2C I have been trying to get dkim headers on my emails for days and I am stumped. =3B Hopefully someone from the list c= an point out whatever mistake I am obviously making. =3B So on to the deta= ils=2C I currently have sendmail-8.14.4 and opendkim-2.2.1 compiled and setup with t= he libmilter installed. =3B I have my key setup on my external dns like so= :

mail ~ # host -t txt mail._domainkey.marlborosurvey.net
mail._domainkey.marlborosurvey.net descriptive text "v=3DDKIM1\=3B k=3Drsa\= =3B p=3DMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGAq3ldG6D1fJiWoXPDpKg9dx42LhQysL= AgMwo7cDrBiPMJ9jKh/YIAPAdFm6lHMWOQiL+IryQH+XCMSecdEj67Uw+EIxMgVT/KNQAH9Lqax= 8YnM5f91XZrazHLfa8U+bzHrSw15VhXCe9wb+sDtSa3E39naEY7nW5EJRCnCEm0QIDAQAB"

and my opendkim.conf with these options:

mail ~ # cat /etc/opendkim.conf | egrep -v '(#)'
Canonicalization =3B =3B  =3B  =3B  =3B =3B relaxed= /simple
Diagnostics =3B =3B =3B  =3B =3B  =3B  =3B &nbs= p=3B  =3B  =3B =3B yes
Domain =3B =3B =3B  =3B =3B =3B  =3B =3B =3B =3B =3B =3B =3B =3B  =3B &= nbsp=3B  =3B  =3B marlborosurvey.net
InternalHosts =3B =3B =3B =3B =3B =3B =3B = =3B =3B =3B =3B =3B =3B =3B /etc/mail/dkim/trusted-hosts
KeepTemporaryFiles =3B =3B yes
KeyFile =3B =3B =3B  =3B =3B =3B  =3B =3B &= nbsp=3B  =3B  =3B  =3B  =3B  =3B  =3B =3B /var/db/dkim/mail.key.pem
LogWhy =3B =3B =3B  =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb= sp=3B =3B =3B =3B =3B =3B =3B =3B =3B = =3B yes
Selector =3B =3B =3B  =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb= sp=3B =3B =3B =3B =3B =3B =3B =3B =3B = =3B mail
Socket =3B =3B =3B  =3B =3B  =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb= sp=3B =3B =3B =3B =3B =3B =3B =3B =3B inet:8891@localhost
Syslog =3B =3B  =3B =3B =3B  =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb= sp=3B =3B =3B =3B =3B =3B =3B =3B =3B Yes
TemporaryDirectory =3B =3B /var/tmp
 =3BUserID =3B =3B  =3B =3B =3B  =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb= sp=3B =3B =3B =3B =3B =3B =3B dkim


mail ~ # ls -al /var/db/dkim/
total 24
drwxr-xr-x 2 root root 4096 Oct 25 15:56 .
drwxr-xr-x 4 root root 4096 Oct 25 15:56 ..
-rw------- 1 root root =3B 887 Oct 25 15:55 mail.key.pem

mail ~ # ls -al /etc/mail
total 188
drwxr-xr-x =3B 3 root root =3B 4096 Oct 26 13:49 .
drwxr-xr-x 81 root root =3B 4096 Oct 26 13:51 ..
-rw-r--r-- =3B 1 root root =3B =3B 485 Oct 25 15:23 access
-rw-r----- =3B 1 root root 12288 Oct 26 12:51 access.db
lrwxrwxrwx =3B 1 root root =3B =3B =3B 12 Oct 25 14:41 alia= ses ->=3B /etc/aliases
-rw-r----- =3B 1 root root 12288 Oct 26 12:51 aliases.db
drwxr-xr-x =3B 2 root root =3B 4096 Oct 26 13:50 dkim
-r--r--r-- =3B 1 bin =3B bin =3B =3B 5657 Oct 25 15:53 help= file
-rw-r--r-- =3B 1 root root =3B =3B =3B 43 Oct 25 15:42 loca= l-host-names
-rw-r--r-- =3B 1 root root =3B =3B =3B 41 Oct 26 13:41 rela= y-domains
-r--r--r-- =3B 1 root bin =3B 42598 Oct 25 16:26 sendmail.cf
-rw------- =3B 1 root bin =3B =3B =3B =3B =3B 0 Oct= 25 15:53 statistics
-r--r--r-- =3B 1 root bin =3B 41449 Oct 25 16:26 submit.cf

mail ~ # cat /etc/mail/dkim/trusted-hosts
mail.marlborosurvey.net
127.0.0.1/8


mail ~ # ls -al /etc/mail/dkim/
total 16
drwxr-xr-x 2 root root 4096 Oct 26 13:50 .
drwxr-xr-x 3 root root 4096 Oct 26 13:49 ..
-rw-r--r-- 1 root root =3B =3B 36 Oct 26 13:50 trusted-hosts


Also here are some tidbits from the log I was getting:

mail ~ # tail -f /var/log/maillog
Oct 26 14:05:39 mail sendmail[6142]: o9QK5dFW006142: from=3Droot=2C size=3D= 26=2C class=3D0=2C nrcpts=3D1=2C msgid=3D<=3B201010262005.o9QK5dFW006142@mail.marlborosurvey.net>=3B=2C relay=3Droot@localhost
Oct 26 14:05:40 mail sendmail[6143]: o9QK5eV3006143: from=3D<=3Broot@mail.marlborosurvey.net>=3B=2C size=3D332=2C class=3D0= =2C nrcpts=3D1=2C msgid=3D<=3B201010262005.o9QK5dFW006142@mail.marlborosurvey.net>=3B=2C = proto=3DESMTP=2C daemon=3DMTA=2C relay=3Dlocalhost.localdomain [127.0.0.1]
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: localhost.localdomain [127.0.0.1] not internal
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: not authenticated
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: no signing domain matc= h for `mail.marlborosurvey.net'
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: no signing subdomain m= atch for `mail.marlborosurvey.net'
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: no signature data
Oct 26 14:05:41 mail sendmail[6142]: o9QK5dFW006142: to=3Dsa-test@sendmail.= net=2C ctladdr=3Droot (0/0)=2C delay=3D00:00:02=2C xdelay=3D00:00:01=2C mailer=3Dr= elay=2C pri=3D30026=2C relay=3D[127.0.0.1] [127.0.0.1]=2C dsn=3D2.0.0=2C stat=3DSent (o9QK5eV30061= 43 Message accepted for delivery)
Oct 26 14:05:41 mail sendmail[6146]: STARTTLS=3Dclient=2C relay=3Dsmtp.send= mail.net.=2C version=3DTLSv1/SSLv3=2C verify=3DFAIL=2C cipher=3DDHE-RSA-AES256-SHA=2C bi= ts=3D256/256
Oct 26 14:05:42 mail sendmail[6146]: o9QK5eV3006143: to=3D<=3Bsa-test@sen= dmail.net>=3B=2C ctladdr=3D<=3Broot@mail.marlborosurvey.net>=3B (0/0)=2C delay=3D00:00:0= 2=2C xdelay=3D00:00:01=2C mailer=3Desmtp=2C pri=3D120332=2C relay=3Dsmtp.sendmai= l.net. [209.246.26.21]=2C dsn=3D2.0.0=2C stat=3DSent (o9QK5ftM074087 Message accep= ted for delivery)
Oct 26 14:05:44 mail sendmail[6147]: o9QK5iv1006147: from=3D<=3Bmailnull@sendmail.net>=3B=2C size=3D3838=2C class=3D0=2C nrc= pts=3D1=2C msgid=3D<=3B201010262005.o9QK5g4h074098@sendmail.net>=3B=2C proto=3DESM= TP=2C daemon=3DMTA=2C relay=3Dsendmail.net [209.246.26.21]
Oct 26 14:05:44 mail opendkim[6051]: o9QK5iv1006147: sendmail.net [209.246.26.21] not internal
Oct 26 14:05:44 mail opendkim[6051]: o9QK5iv1006147: not authenticated
Oct 26 14:05:44 mail opendkim[6051]: o9QK5iv1006147: no signing domain matc= h for `sendmail.net'
Oct 26 14:05:44 mail opendkim[6051]: o9QK5iv1006147: no signing subdomain m= atch for `sendmail.net'
Oct 26 14:05:44 mail sendmail[6147]: o9QK5iv1006147: Milter insert (1): hea= der: Authentication-Results: =3B mail.marlborosurvey.net=3B dkim=3Dpass (102= 4-bit key)\n\theader.i=3D@sendmail.net header.b=3Dh1lqFa58=3B dkim-adsp=3Dpass Oct 26 14:05:44 mail sendmail[6149]: o9QK5iv1006147: to=3D<=3Broot@marlborosurvey.net>=3B=2C delay=3D00:00:00=2C xdelay=3D00= :00:00=2C mailer=3Dlocal=2C pri=3D34165=2C dsn=3D2.0.0=2C stat=3DSent


mail ~ #
tail -f /var/mail/root