From: msk@cloudm=
ark.com
To: opendkim-users@lists.opendkim.org
Date: Tue=2C 26 Oct 2010 13:36:59 -0700
Subject: RE: Signing problem
Note the log entr= ies for the outgoing message:
 =3B=
span>
Oct 26 14:05:40 =
mail opendkim[6051]:
o9QK5eV3006143: no signing domain match for `mail.marlborosurvey.net'
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: no signing subdomain m=
atch
for `mail.marlborosurvey.net'
That=92s taken fr= om your From: line in the outgoing mail. =3B And note your configuration:
 =3B=
span>
Domain =3B&n= bsp=3B =3B  =3B =3B =3B  =3B =3B =3B =3B =3B =3B =3B =3B  =3B &= nbsp=3B  =3B  =3B marlborosurvey.net
Since those two s= trings don=92t match=2C it=92s not signing.
 =3B=
span>
The easiest thing= to do will be to change =93Domain=94 to be =93marlborosurvey.net=2Cmail.marlborosurvey.net=94. =3B Or if you want = to sign for all domains and subdomains=2C you could also set =93Subdomains=94 to =93Tru= e=94.
 =3B=
span>
-MSK
 =3B=
span>
From:
opendkim-users-bounce@lists.opendkim.org [mailto:opendkim-users-bounce@list=
s.opendkim.org]
On Behalf Of Jason Clint
Sent: Tuesday=2C October 26=2C 2010 1:16 PM
To: opendkim-users@lists.opendkim.org
Subject: Signing problem
 =3B
Ok
so I cannot figure this out=2C I have been trying to get dkim headers on my
emails for days and I am stumped. =3B Hopefully someone from the list c=
an
point out whatever mistake I am obviously making. =3B So on to the deta=
ils=2C I
currently have sendmail-8.14.4 and opendkim-2.2.1 compiled and setup with t=
he
libmilter installed. =3B I have my key setup on my external dns like so=
:
mail ~ # host -t txt mail._domainkey.marlborosurvey.net
mail._domainkey.marlborosurvey.net descriptive text "v=3DDKIM1\=3B k=3Drsa\=
=3B
p=3DMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGAq3ldG6D1fJiWoXPDpKg9dx42LhQysL=
AgMwo7cDrBiPMJ9jKh/YIAPAdFm6lHMWOQiL+IryQH+XCMSecdEj67Uw+EIxMgVT/KNQAH9Lqax=
8YnM5f91XZrazHLfa8U+bzHrSw15VhXCe9wb+sDtSa3E39naEY7nW5EJRCnCEm0QIDAQAB"
and my opendkim.conf with these options:
mail ~ # cat /etc/opendkim.conf | egrep -v '(#)'
Canonicalization =3B =3B  =3B  =3B  =3B =3B relaxed=
/simple
Diagnostics =3B =3B =3B  =3B =3B  =3B  =3B &nbs=
p=3B  =3B
 =3B =3B yes
Domain =3B =3B =3B  =3B =3B =3B
 =3B =3B =3B =3B =3B =3B =3B =3B  =3B &=
nbsp=3B  =3B  =3B
marlborosurvey.net
InternalHosts =3B =3B =3B =3B =3B =3B =3B =
=3B =3B =3B =3B =3B =3B =3B
/etc/mail/dkim/trusted-hosts
KeepTemporaryFiles =3B =3B yes
KeyFile =3B =3B =3B  =3B =3B =3B  =3B =3B &=
nbsp=3B  =3B  =3B
 =3B  =3B  =3B  =3B =3B /var/db/dkim/mail.key.pem
LogWhy =3B =3B =3B
 =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb=
sp=3B =3B =3B =3B =3B =3B =3B =3B =3B =
=3B
yes
Selector =3B =3B =3B
 =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb=
sp=3B =3B =3B =3B =3B =3B =3B =3B =3B =
=3B
mail
Socket =3B =3B =3B  =3B =3B
 =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb=
sp=3B =3B =3B =3B =3B =3B =3B =3B =3B
inet:8891@localhost
Syslog =3B =3B  =3B =3B =3B
 =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb=
sp=3B =3B =3B =3B =3B =3B =3B =3B =3B
Yes
TemporaryDirectory =3B =3B /var/tmp
 =3BUserID =3B =3B  =3B =3B =3B
 =3B =3B =3B =3B =3B =3B =3B =3B =3B&nb=
sp=3B =3B =3B =3B =3B =3B =3B
dkim
mail ~ # ls -al /var/db/dkim/
total 24
drwxr-xr-x 2 root root 4096 Oct 25 15:56 .
drwxr-xr-x 4 root root 4096 Oct 25 15:56 ..
-rw------- 1 root root =3B 887 Oct 25 15:55 mail.key.pem
mail ~ # ls -al /etc/mail
total 188
drwxr-xr-x =3B 3 root root =3B 4096 Oct 26 13:49 .
drwxr-xr-x 81 root root =3B 4096 Oct 26 13:51 ..
-rw-r--r-- =3B 1 root root =3B =3B 485 Oct 25 15:23 access
-rw-r----- =3B 1 root root 12288 Oct 26 12:51 access.db
lrwxrwxrwx =3B 1 root root =3B =3B =3B 12 Oct 25 14:41 alia=
ses ->=3B
/etc/aliases
-rw-r----- =3B 1 root root 12288 Oct 26 12:51 aliases.db
drwxr-xr-x =3B 2 root root =3B 4096 Oct 26 13:50 dkim
-r--r--r-- =3B 1 bin =3B bin =3B =3B 5657 Oct 25 15:53 help=
file
-rw-r--r-- =3B 1 root root =3B =3B =3B 43 Oct 25 15:42 loca=
l-host-names
-rw-r--r-- =3B 1 root root =3B =3B =3B 41 Oct 26 13:41 rela=
y-domains
-r--r--r-- =3B 1 root bin =3B 42598 Oct 25 16:26 sendmail.cf
-rw------- =3B 1 root bin =3B =3B =3B =3B =3B 0 Oct=
25 15:53
statistics
-r--r--r-- =3B 1 root bin =3B 41449 Oct 25 16:26 submit.cf
mail ~ # cat /etc/mail/dkim/trusted-hosts
mail.marlborosurvey.net
127.0.0.1/8
mail ~ # ls -al /etc/mail/dkim/
total 16
drwxr-xr-x 2 root root 4096 Oct 26 13:50 .
drwxr-xr-x 3 root root 4096 Oct 26 13:49 ..
-rw-r--r-- 1 root root =3B =3B 36 Oct 26 13:50 trusted-hosts
Also here are some tidbits from the log I was getting:
mail ~ # tail -f /var/log/maillog
Oct 26 14:05:39 mail sendmail[6142]: o9QK5dFW006142: from=3Droot=2C size=3D=
26=2C
class=3D0=2C nrcpts=3D1=2C
msgid=3D<=3B201010262005.o9QK5dFW006142@mail.marlborosurvey.net>=3B=2C
relay=3Droot@localhost
Oct 26 14:05:40 mail sendmail[6143]: o9QK5eV3006143:
from=3D<=3Broot@mail.marlborosurvey.net>=3B=2C size=3D332=2C class=3D0=
=2C nrcpts=3D1=2C
msgid=3D<=3B201010262005.o9QK5dFW006142@mail.marlborosurvey.net>=3B=2C =
proto=3DESMTP=2C
daemon=3DMTA=2C relay=3Dlocalhost.localdomain [127.0.0.1]
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: localhost.localdomain
[127.0.0.1] not internal
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: not authenticated
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: no signing domain matc=
h
for `mail.marlborosurvey.net'
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: no signing subdomain m=
atch
for `mail.marlborosurvey.net'
Oct 26 14:05:40 mail opendkim[6051]: o9QK5eV3006143: no signature data
Oct 26 14:05:41 mail sendmail[6142]: o9QK5dFW006142: to=3Dsa-test@sendmail.=
net=2C
ctladdr=3Droot (0/0)=2C delay=3D00:00:02=2C xdelay=3D00:00:01=2C mailer=3Dr=
elay=2C pri=3D30026=2C
relay=3D[127.0.0.1] [127.0.0.1]=2C dsn=3D2.0.0=2C stat=3DSent (o9QK5eV30061=
43 Message
accepted for delivery)
Oct 26 14:05:41 mail sendmail[6146]: STARTTLS=3Dclient=2C relay=3Dsmtp.send=
mail.net.=2C
version=3DTLSv1/SSLv3=2C verify=3DFAIL=2C cipher=3DDHE-RSA-AES256-SHA=2C bi=
ts=3D256/256
Oct 26 14:05:42 mail sendmail[6146]: o9QK5eV3006143: to=3D<=3Bsa-test@sen=
dmail.net>=3B=2C
ctladdr=3D<=3Broot@mail.marlborosurvey.net>=3B (0/0)=2C delay=3D00:00:0=
2=2C
xdelay=3D00:00:01=2C mailer=3Desmtp=2C pri=3D120332=2C relay=3Dsmtp.sendmai=
l.net.
[209.246.26.21]=2C dsn=3D2.0.0=2C stat=3DSent (o9QK5ftM074087 Message accep=
ted for
delivery)
Oct 26 14:05:44 mail sendmail[6147]: o9QK5iv1006147:
from=3D<=3Bmailnull@sendmail.net>=3B=2C size=3D3838=2C class=3D0=2C nrc=
pts=3D1=2C
msgid=3D<=3B201010262005.o9QK5g4h074098@sendmail.net>=3B=2C proto=3DESM=
TP=2C
daemon=3DMTA=2C relay=3Dsendmail.net [209.246.26.21]
Oct 26 14:05:44 mail opendkim[6051]: o9QK5iv1006147: sendmail.net
[209.246.26.21] not internal
Oct 26 14:05:44 mail opendkim[6051]: o9QK5iv1006147: not authenticated
Oct 26 14:05:44 mail opendkim[6051]: o9QK5iv1006147: no signing domain matc=
h
for `sendmail.net'
Oct 26 14:05:44 mail opendkim[6051]: o9QK5iv1006147: no signing subdomain m=
atch
for `sendmail.net'
Oct 26 14:05:44 mail sendmail[6147]: o9QK5iv1006147: Milter insert (1): hea=
der:
Authentication-Results: =3B mail.marlborosurvey.net=3B dkim=3Dpass (102=
4-bit
key)\n\theader.i=3D@sendmail.net header.b=3Dh1lqFa58=3B dkim-adsp=3Dpass
Oct 26 14:05:44 mail sendmail[6149]: o9QK5iv1006147:
to=3D<=3Broot@marlborosurvey.net>=3B=2C delay=3D00:00:00=2C xdelay=3D00=
:00:00=2C
mailer=3Dlocal=2C pri=3D34165=2C dsn=3D2.0.0=2C stat=3DSent
mail ~ # tail -f /var/mail/root