2009/10/6 Daniel <cont...@rockableapps.com>: > Hi Clodoaldo, > > "dkim=neutral (no key)" means that gmail couldn't find a matching key to > verify your signature. > > > So, how does gmail (or any other dkim verifier) find a matching key? > > It relies on the "selector name" from the header. This line in email header > "... s=domain1.com_default.key.pem; t=1254783208;..." is saying that the > selector name is "domain1.com_default.key.pem". > > Dkim-milter specified that as selector because your > /etc/mail/dkim-milter/keys/keylist file says so. > > Now if you look at the DNS record for your domain (masked as domain1.com > below), do you have a DKIM public key record (TXT type DNS record) with name > "domain1.com_default.key.pem._domainkey" and value being the matching public > key? > > You probably have something like "default._domainkey", which is not > "domain1.com_default.key.pem._domainkey" specified in your signature, > therefore there is no matching key.
Your post fills the points I was missing. Thanks, Clodoaldo > > You may find this helpful too: > http://allaboutlamp.com/2009/09/setup-dkim-for-postfix-in-fedora-using-dkim- > milter/ > > Daniel > > -----Original Message----- > From: Clodoaldo Neto [mailto:clodoaldo.pinto.n...@gmail.com] > Sent: Tuesday, 6 October 2009 10:28 AM > To: dkim-milter-discuss@lists.sourceforge.net > Subject: [dkim-milter-discuss] Sent email not signed > > I'm trying to setup dkim-milter in Centos 5 with postfix. > > It is working but emails are not signed. Or that is what I think as > the Gmail interface does not show the "signed by" line. > > I have this line in dkim-filter.conf: > > KeyList /etc/mail/dkim-milter/keys/keylist > > And in that file there are some lines: > > *:domain1.com:/etc/mail/dkim-milter/keys/domain1.com_default.key.pem > *:domain2.com:/etc/mail/dkim-milter/keys/domain2.com_default.key.pem > *:domain3.com:/etc/mail/dkim-milter/keys/domain3.com_default.key.pem > *:domain4.com:/etc/mail/dkim-milter/keys/domain4.com_default.key.pem > > And in /etc/sysconfig/dkim-milter: > > SIGNING_DOMAIN="domain3.com" > SELECTOR_NAME="default" > > This is the received email header. Notice there is a dkim-signature > and "dkim=neutral (no key)" > > Delivered-To: clodoaldo.pi...@gmail.com > Received: by 10.210.43.3 with SMTP id q3cs565042ebq; > Mon, 5 Oct 2009 15:53:31 -0700 (PDT) > Received: by 10.91.27.5 with SMTP id e5mr281425agj.91.1254783210482; > Mon, 05 Oct 2009 15:53:30 -0700 (PDT) > Return-Path: <ad...@domain1.com> > Received: from domain4.com (domain4.com [71.6.151.155]) > by mx.google.com with ESMTP id > 29si14153623iwn.51.2009.10.05.15.53.28; > Mon, 05 Oct 2009 15:53:29 -0700 (PDT) > Received-SPF: pass (google.com: domain of ad...@domain1.com designates > 71.6.151.155 as permitted sender) client-ip=71.6.151.155; > Authentication-Results: mx.google.com; spf=pass (google.com: domain of > ad...@domain1.com designates 71.6.151.155 as permitted sender) > smtp.mail=ad...@domain1.com; dkim=neutral (no key) > header...@domain1.com > Received: from domain2.com (localhost.localdomain [127.0.0.1]) > by domain4.com (Postfix) with ESMTP id 2D25FFFA3C > for <clodoaldo.pi...@gmail.com>; Mon, 5 Oct 2009 22:53:28 +0000 > (UTC) > DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=domain1.com; > s=domain1.com_default.key.pem; t=1254783208; > bh=Dl+rAYii6RHi2CH7gDRPLZsASUVn3ldY2PVg3HEeftM=; > h=From:To:Subject:Reply-To:MIME-Version:Content-Type: > Content-Transfer-Encoding:Message-Id:Date; > b=rCRQvJGfVd5EPSHOOtOkxNcSIeUKTVewPjGLmCuRkRDwek6J9d0FGoAyS2Py+NZHb > r9RtcsY3vxv4DpGPZYRX050klMmATXt9idA7FjoImJIr2F2iOcNtg/jzONS2hheb+j > H2A4CoD16EzTILGM4JOU4yCcQcI/BYltTLavbiOc= > From: =?utf-8?q?Carro_a_Rodo?= > <ad...@domain1.com> > To: =?utf-8?q?fulano_de_tal?= > <clodoaldo.pi...@gmail.com> > Subject: =?utf-8?q?An=C3=BAncio_no_site_Carro_a_Rodo?= > Reply-To: <ad...@domain1.com> > MIME-Version: 1.0 > Content-Type: text/plain; charset="utf-8" > Content-Transfer-Encoding: base64 > Message-Id: <20091005225328.2d25fff...@domain4.com> > Date: Mon, 5 Oct 2009 22:53:28 +0000 (UTC) > > What am I missing? > > Regards, Clodoaldo > > ---------------------------------------------------------------------------- > -- > Come build with us! The BlackBerry® Developer Conference in SF, CA > is the only developer event you need to attend this year. Jumpstart your > developing skills, take BlackBerry mobile applications to market and stay > ahead of the curve. Join us from November 9-12, 2009. Register now! > http://p.sf.net/sfu/devconf > _______________________________________________ > dkim-milter-discuss mailing list > dkim-milter-discuss@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss > > > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ dkim-milter-discuss mailing list dkim-milter-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
