The DK* settings in tcp.smtp are for domainkeys which is different than
domain keys identified mail (dkim).
If you don't use domainkeys you can remove DKSIGN and DKVERIFY from
tcp.smtp and rebuild.
Also, do you have your DKIM key set up in your DNS settings?
On 3/16/2020 5:09 PM, Erald (nnservices) wrote:
I have followed the instructions on the page
http://www.qmailtoaster.net/dkim.html
The global domain keys are working but when I add an domain key for
one of my domains it indicates me a fail (signature doesn't verify)
when testing. The key is there but seems it cannot verify.
My config
<dkimsign>
<!-- per default sign all mails using dkim -->
<global algorithm="rsa-sha1" domain="/var/qmail/control/me"
keyfile="/var/qmail/control/dkim/global.key" method="simple"
selector="dkim1">
<types id="dkim" />
</global>
<xxxx.be domain="xxxx.be" keyfile="/var/qmail/control/dkim/xxxx.key"
selector="dkim1">
<types id="dkim" />
<types id="domainkey" method="nofws" />
</xxxx.be>
</dkimsign>
Am confused about the smtp.tcp and think something is wrong there
127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private"
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"
This because I have an old /var/qmail/control/domainkeys/%/ directory
but not for the domain I am trying to get working.
What am I missing
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
