| Linode Forum https://forum.linode.com/ |
|
| DKIM DNS TXT record https://forum.linode.com/viewtopic.php?f=11&t=7721 |
Page 1 of 1 |
| Author: | linoobSteve [ Sat Sep 10, 2011 6:40 pm ] |
| Post subject: | DKIM DNS TXT record |
I just setup dkim using opendkim on an ubuntu 10.04 server. Everything seemed to go smoothly but when I send a test email to autorespond+dkim[at]dk.elandsys.com, I get the following: Quote: The results are as follows:
DKIM Signature validation: not available DKIM Author Domain Signing Practices: no DNS record for _adsp._domainkey.********.com ADSP is not required for DKIM signature validation. Note: The authentication results are not available as there was no signature header or the signature could not be verified Information about DKIM is available at http://www.elandsys.com/resources/mail/ ... ndkim.html Information about ADSP is available at http://www.elandsys.com/resources/sendm ... ndkim.html Information about dkim-milter is available at http://www.elandsys.com/resources/sendmail/dkim.html Information about DomainKeys is available at http://www.elandsys.com/resources/sendm ... nkeys.html Original message: Received: from liberty.********.com (li371-73.members.linode.com [96.126.122.73]) by mx.elandsys.com (8.14.4/8.14.5) with ESMTP id p8ALNUZr012213 for <autorespond+dkim@dk.elandsys.com>; Sat, 10 Sep 2011 14:23:36 -0700 (PDT) Received: by liberty.********.com (Postfix, from userid 33) id 4EBF8C7C0; Sat, 10 Sep 2011 17:23:29 -0400 (EDT) DomainKey-Signature: a=rsa-sha1; s=********; d=********.com; c=simple; q=dns; b=oLYMc16U1c9ztV4cnilGTdeA6qIARkvfB4fihzWuoVQWkJ2EmPHhkUHlQ1tFZIIm5 oj9zHzKTL7/oy+ohaBLyKDkY2yQ8ZbQMZ+Tm3NahrPgyF2PaLJhanSOU8tFBFwDtJ0w iNdAVftNSc3Rd6dhbDQmeOQdwSzfnrK4fniOR+0= X-DKIM: OpenDKIM Filter v2.0.2 liberty.********.com 4EBF8C7C0 To: <autorespond+dkim@dk.elandsys.com> Subject: dkim test X-PHP-Originating-Script: 0:func.inc MIME-Version: 1.0 Date: Sat, 10 Sep 2011 17:23:29 -0400 From: "Steve O'Connor" <steve@********.com> Message-ID: <9001db7d7036f684df27eb7a7d79e86b@localhost> X-Sender: steve@********.com User-Agent: RoundCube Webmail/0.3.1 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 This is a dkim test. I set the TXT record as follows: Name: ********._domainkey Value: v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQNJgrFoP7Af5 pSPbIKkajnT+rz/NWJGZFKG632mXTY0WVIRBPKJOztJTOB92EGsyfJ6tk Ovv1n3rH6tmBFHkvWnfJEwE4HI1SGXs70Pt5iCfstx0hOZgGXcPVgbhI aU3ITT23XV2a2wo+b8Eh7r8DBQ39FbCgZ+q+/iSRm3VY6wIDAQAB TTL: Default (Note that there are no line breaks in the actual entry.) I waited at least a half hour to give the nameserver time to update. What am I missing? |
|
| Author: | psandin [ Sat Sep 10, 2011 10:56 pm ] |
| Post subject: | |
Your DNS record is currently being published at "securifieds._domainkey.securifieds.com", looking at the output of the email it looks like the record should be at "_adsp._domainkey.securifieds.com ". $dig securifieds._domainkey.securifieds.com TXT ; <<>> DiG 9.6.0-APPLE-P2 <<>> securifieds._domainkey.securifieds.com TXT ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42443 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;securifieds._domainkey.securifieds.com. IN TXT ;; ANSWER SECTION: securifieds._domainkey.securifieds.com. 86400 IN TXT "v=DKIM1\; g=*\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQNJgrFoP7Af5pSPbIKkajnT+rz/NWJGZFKG632mXTY0WVIRBPKJOztJTOB92EGsyfJ6tkOvv1n3rH6tmBFHkvWnfJEwE4HI1SGXs70Pt5iCfstx0hOZgGXcPVgbhIaU3ITT23XV2a2wo+b8Eh7r8DBQ39FbCgZ+q+/iSRm3VY6wIDAQAB" ;; Query time: 140 msec ;; SERVER: 192.168.1.1#53(192.168.1.1) ;; WHEN: Sat Sep 10 22:53:45 2011 ;; MSG SIZE rcvd: 308 Assuming the email is proving the correct location for your TXT record you would want to rename it "_adsp._domainkey". |
|
| Author: | linoobSteve [ Sun Sep 11, 2011 12:34 am ] |
| Post subject: | |
Actually, it turns out that my opendkim config file was a little screwy, but thanks for pointing me in the right general direction. |
|
| Author: | Stever [ Sun Sep 11, 2011 3:01 pm ] |
| Post subject: | |
psandin wrote: Your DNS record is currently being published at "securifieds._domainkey.securifieds.com", looking at the output of the email it looks like the record should be at "_adsp._domainkey.securifieds.com ".
$dig securifieds._domainkey.securifieds.com TXT ; <<>> DiG 9.6.0-APPLE-P2 <<>> securifieds._domainkey.securifieds.com TXT ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42443 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;securifieds._domainkey.securifieds.com. IN TXT ;; ANSWER SECTION: securifieds._domainkey.securifieds.com. 86400 IN TXT "v=DKIM1\; g=*\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQNJgrFoP7Af5pSPbIKkajnT+rz/NWJGZFKG632mXTY0WVIRBPKJOztJTOB92EGsyfJ6tkOvv1n3rH6tmBFHkvWnfJEwE4HI1SGXs70Pt5iCfstx0hOZgGXcPVgbhIaU3ITT23XV2a2wo+b8Eh7r8DBQ39FbCgZ+q+/iSRm3VY6wIDAQAB" ;; Query time: 140 msec ;; SERVER: 192.168.1.1#53(192.168.1.1) ;; WHEN: Sat Sep 10 22:53:45 2011 ;; MSG SIZE rcvd: 308 Assuming the email is proving the correct location for your TXT record you would want to rename it "_adsp._domainkey". Just in case anyone stumbles upon this thread in the future, it should be made clear that this advice is totally wrong. ADSP is an optional extra record with a completely different format that would tell everyone your DKIM signing policy, and is not required at all. The OP simply wasn't signing the message with DKIM. |
|
| Page 1 of 1 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|