OK, here is my real confusion on DKIM and Domainkeys, and I think I have
found out the general area of my problem, just not what to do to correct it.
I think something is goofy in my DNS, just not sure what. I have tried
adding a txt record for dkim1.mail.magicwisp.com, but it didn't help. Why
is it looking for dkim1._domainkey.mail.magicwisp.com? It was renamed per
the instructions on Jakes video, and nowhere in my DNS is dkim1._domainkey
mentioned. This is starting to drive me buggy. My domain is magicwisp.com,
my servers hostname is mail.magicwisp.com. If I do a dig for the keys:
[r...@mail dkim]# dig +short private._domainkey.mail.magicwisp.com txt
[r...@mail dkim]# dig +short dkim1.mail.magicwisp.com txt
[r...@mail dkim]# dig +short dkim1.magicwisp.com txt
"k=rsa
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxANdYWKrEHivH6ZvF+lnqadWjy0Sc/vV6Tsb7Ey6kOE
2zVWiaV8IUp+jS2jmKTkHNTwIDAQAB"
[r...@mail dkim]# dig +short private._domainkey.magicwisp.com txt
"k=rsa\;
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyazGDWAMas
0jf4LFv2PU04CcshyL+637GwIDAQAB"
Yet somehow when I send email it is trying to find mail.magicwisp.com. Not
sure why. My DNS is configured as follows:
$ttl 30M
magicwisp.com. IN SOA ns1.magicwisp.com. root.ns1.magicwisp.com. (
2009020917
10800
3600
604800
5D )
@ IN NS ns1.magicwisp.com.
magicwisp.com. IN MX 5 mail
magicwisp.com. IN TXT "v=spf1 a mx all"
mail.magicwisp.com. IN TXT "v=spf1 a -all"
_domainkey.magicwisp.com. IN TXT "o=-;
r=postmas...@magicwisp.com"
private._domainkey IN TXT "k=rsa;
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyazGDWAMas
0jf4LFv2PU04CcshyL+637GwIDAQAB"
dkim1 IN TXT "k=rsa;
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxANdYWKrEHivH6ZvF+lnqadWjy0Sc/vV6Tsb7Ey6kOE
2zVWiaV8IUp+jS2jmKTkHNTwIDAQAB"
12.169.159.242.magicwisp.com. IN PTR mail.magicwisp.com
magicwisp.com. 1800 IN A 12.169.159.242
www.magicwisp.com. 1800 IN A 12.169.159.242
ftp.magicwisp.com. 1800 IN A 12.169.159.242
mail.magicwisp.com. 1800 IN A 12.169.159.242
ns1.magicwisp.com. 1800 IN A 12.169.159.242
Here is the information I get on the test:
==========================================================
Summary of Results
==========================================================
SPF check: pass
DomainKeys check: fail
DKIM check: permerror
Sender-ID check: pass
SpamAssassin check: ham
==========================================================
Details:
==========================================================
HELO hostname: mail.magicwisp.com
Source IP: 12.169.159.242
mail-from: jack.d.mar...@magicwisp.com
----------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result: pass
ID(s) verified: smtp.mail=jack.d.mar...@magicwisp.com
DNS record(s):
magicwisp.com. 1800 IN TXT "v=spf1 a mx all"
magicwisp.com. 1800 IN A 12.169.159.242
----------------------------------------------------------
DomainKeys check details:
----------------------------------------------------------
Result: fail (bad signature)
ID(s) verified: header.from=jack.d.mar...@magicwisp.com
DNS record(s):
private._domainkey.magicwisp.com. 1800 IN TXT "k=rsa;
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyazGDWAMas
0jf4LFv2PU04CcshyL+637GwIDAQAB"
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: permerror (key "dkim1._domainkey.mail.magicwisp.com" doesn't
exist)
ID(s) verified:
Canonicalized Headers:
From:'20'"Jack'20'Martin"'20'<jack.d.mar...@magicwisp.com>'0D''0A'
To:'20'<check-au...@verifier.port25.com>'0D''0A'
Subject:'20''0D''0A'
Date:'20'Tue,'20'2'20'Mar'20'2010'20'14:53:36'20'-0600'0D''0A'
Message-ID:'20'<00f601caba4a$6e353f10$4a9fbd...@d.martin@magicwisp.com>'0D''
0A'
MIME-Version:'20'1.0'0D''0A'
Content-Type:'20'multipart/alternative;'0D''0A'
'09'boundary="----=_NextPart_000_00F7_01CABA18.239ACF10"'0D''0A'
DKIM-Signature:'20'v=1;'20'a=rsa-sha1;'20'c=simple;'20'd=mail.magicwisp.com;
'20'h=from'0D''0A'
'09':to:subject:date:message-id:mime-version:content-type;'20's=dkim1;'0D''0
A'
'09''20'bh=KUx/eqMQL77uZbeE9TxqNEC7I6k=;'20'b=
Canonicalized Body:
This'20'is'20'a'20'multi-part'20'message'20'in'20'MIME'20'format.'0D''0A'
'0D''0A'
------=_NextPart_000_00F7_01CABA18.239ACF10'0D''0A'
Content-Type:'20'text/plain;'0D''0A'
'09'charset="us-ascii"'0D''0A'
Content-Transfer-Encoding:'20'7bit'0D''0A'
'0D''0A'
Testing'20'DKIM'0D''0A'
'0D''0A'
'0D''0A'
------=_NextPart_000_00F7_01CABA18.239ACF10'0D''0A'
Content-Type:'20'text/html;'0D''0A'
'09'charset="us-ascii"'0D''0A'
Content-Transfer-Encoding:'20'quoted-printable'0D''0A'
'0D''0A'
<html'20'xmlns:v=3D"urn:schemas-microsoft-com:vml"'20'='0D''0A'
xmlns:o=3D"urn:schemas-microsoft-com:office:office"'20'='0D''0A'
xmlns:w=3D"urn:schemas-microsoft-com:office:word"'20'='0D''0A'
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml";'20'='0D''0A'
xmlns=3D"http://www.w3.org/TR/REC-html40";>'0D''0A'
'0D''0A'
<head>'0D''0A'
<META'20'HTTP-EQUIV=3D"Content-Type"'20'CONTENT=3D"text/html;'20'='0D''0A'
charset=3Dus-ascii">'0D''0A'
<meta'20'name=3DGenerator'20'content=3D"Microsoft'20'Word'20'12'20'(filtered
'20'medium)">'0D''0A'
<style>'0D''0A'
<!--'0D''0A'
'20'/*'20'Font'20'Definitions'20'*/'0D''0A'
'20'@font-face'0D''0A'
'09'{font-family:"Cambria'20'Math";'0D''0A'
'09'panose-1:2'20'4'20'5'20'3'20'5'20'4'20'6'20'3'20'2'20'4;}'0D''0A'
@font-face'0D''0A'
'09'{font-family:Calibri;'0D''0A'
'09'panose-1:2'20'15'20'5'20'2'20'2'20'2'20'4'20'3'20'2'20'4;}'0D''0A'
'20'/*'20'Style'20'Definitions'20'*/'0D''0A'
'20'p.MsoNormal,'20'li.MsoNormal,'20'div.MsoNormal'0D''0A'
'09'{margin:0in;'0D''0A'
'09'margin-bottom:.0001pt;'0D''0A'
'09'font-size:11.0pt;'0D''0A'
'09'font-family:"Calibri","sans-serif";}'0D''0A'
a:link,'20'span.MsoHyperlink'0D''0A'
'09'{mso-style-priority:99;'0D''0A'
'09'color:blue;'0D''0A'
'09'text-decoration:underline;}'0D''0A'
a:visited,'20'span.MsoHyperlinkFollowed'0D''0A'
'09'{mso-style-priority:99;'0D''0A'
'09'color:purple;'0D''0A'
'09'text-decoration:underline;}'0D''0A'
span.EmailStyle17'0D''0A'
'09'{mso-style-type:personal-compose;'0D''0A'
'09'font-family:"Calibri","sans-serif";'0D''0A'
'09'color:windowtext;}'0D''0A'
.MsoChpDefault'0D''0A'
'09'{mso-style-type:export-only;}'0D''0A'
@page'20'Section1'0D''0A'
'09'{size:8.5in'20'11.0in;'0D''0A'
'09'margin:1.0in'20'1.0in'20'1.0in'20'1.0in;}'0D''0A'
div.Section1'0D''0A'
'09'{page:Section1;}'0D''0A'
-->'0D''0A'
</style>'0D''0A'
<!--[if'20'gte'20'mso'20'9]><xml>'0D''0A'
'20'<o:shapedefaults'20'v:ext=3D"edit"'20'spidmax=3D"1026"'20'/>'0D''0A'
</xml><![endif]--><!--[if'20'gte'20'mso'20'9]><xml>'0D''0A'
'20'<o:shapelayout'20'v:ext=3D"edit">'0D''0A'
'20''20'<o:idmap'20'v:ext=3D"edit"'20'data=3D"1"'20'/>'0D''0A'
'20'</o:shapelayout></xml><![endif]-->'0D''0A'
</head>'0D''0A'
'0D''0A'
<body'20'lang=3DEN-US'20'link=3Dblue'20'vlink=3Dpurple>'0D''0A'
'0D''0A'
<div'20'class=3DSection1>'0D''0A'
'0D''0A'
<p'20'class=3DMsoNormal>Testing'20'DKIM<o:p></o:p></p>'0D''0A'
'0D''0A'
</div>'0D''0A'
'0D''0A'
</body>'0D''0A'
'0D''0A'
</html>'0D''0A'
'0D''0A'
------=_NextPart_000_00F7_01CABA18.239ACF10--'0D''0A'
DNS record(s):
dkim1._domainkey.mail.magicwisp.com. TXT (NXDOMAIN)
NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC
4871 or draft-ietf-dkim-base-10) and verification may fail for older
versions. If you are using Port25's PowerMTA, you need to use version
3.2r11 or later to get a compatible version of DKIM.
-----Original Message-----
From: sa...@magicwisp.com [mailto:sa...@magicwisp.com]
Sent: Monday, March 01, 2010 4:52 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] DKIM/Domainkeys
That did not seem to correct the problem. I am still getting the same error
when testing DKIM.
> On 03/01/2010 10:51 AM, sa...@magicwisp.com wrote:
>> I have setup DKIM using Jakes videos, and the wiki for domainkeys. I
>> have a problem. DKIM isn't working at all and domainkeys is
>> intermittent.
>> Here is the email I get from check-a...@verifier.port25.com.
>>
>> ----------------------------------------------------------
>> DomainKeys check details:
>> ----------------------------------------------------------
>> Result: fail (bad signature)
>> ID(s) verified: header.from=jack.d.mar...@magicwisp.com
>> DNS record(s):
>> private._domainkey.magicwisp.com. 1800 IN TXT "k=rsa;
>> p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyaz
>> GDWAMas
>> 0jf4LFv2PU04CcshyL+637GwIDAQAB"
>>
>> ----------------------------------------------------------
>> DKIM check details:
>> ----------------------------------------------------------
>> Result: permerror (key "dkim1._domainkey.mail.magicwisp.com"
>> doesn't
>> exist)
>>
>
> I think this last one will be your issue - it's expecting a record for
> dkim1._domainkey.mail.magicwisp.com
> Try adding a record for that and see if it resolves your issue.
> I believe someone else had a similar issue and posted on the list
> about this, maybe 3-4 months back. Search the archives. If you cannot
> find anything, I'll check my account as they may have email me directly.
>
> ----------------------------------------------------------------------
> ----------- Qmailtoaster is sponsored by Vickers Consulting Group
> (www.vickersconsulting.com)
> Vickers Consulting Group offers Qmailtoaster support and
> installations.
> If you need professional help with your setup, contact them today!
>
----------------------------------------------------------------------------
-----
> Please visit qmailtoaster.com for the latest news, updates, and
> packages.
>
> To unsubscribe, e-mail:
> qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail:
> qmailtoaster-list-h...@qmailtoaster.com
>
>
>
----------------------------------------------------------------------------
-----
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
----------------------------------------------------------------------------
-----
Please visit qmailtoaster.com for the latest news, updates, and
packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
