Thanks! I reset my configs and followed Jérôme's installation tips from the previous emails. It seems as something was odd with my bind config. Apparently, I had to split the _domainkey TXT into several segments, or bind would't add it.
So, now comes to testing it all... To summarize, no mails are signed because I think that zdkimfilter can't find anything suitable to match domain/selector against. What can be the cause? I have a test.mail file ====================== Message-ID: <51eee029.8070...@lechevalier.se> Date: Tue, 23 Jul 2013 21:57:29 +0200 From: Anders <and...@lechevalier.se> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: anders <crimsoncott...@gmail.com> Subject: test Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit test ====================== I run "dkimsign test.mail" and get the following output: ====================== WARN: zfilter: zdkimfilter[27853]:Mismatched library versions: compile=0X2020200 link=0X2080400 INFO: zfilter: zdkimfilter: running for dkimsign on 1 ctl + 1 mail files INFO: zfilter: zdkimfilter[27854]: started child DEBUG: zfilter: zdkimfilter[27854]:reading 2 names completed by first call INFO: zfilter: zdkimfilter[27854]:id=dkimsign: not signing for postmaster: no domain INFO: zfilter: zdkimfilter[27854]:id=dkimsign: response: 250 not filtered. ====================== What is the mismatched library versions? dkimsign doesn't see the domain in FROM: or Message-ID: fields. Is this normal? I run "dkimsign --domain lechevalier.se test.mail" and get the following output: ====================== WARN: zfilter: zdkimfilter[28454]:Mismatched library versions: compile=0X2020200 link=0X2080400 INFO: zfilter: zdkimfilter: running for dkimsign on 1 ctl + 1 mail files INFO: zfilter: zdkimfilter[28455]: started child DEBUG: zfilter: zdkimfilter[28455]:reading 2 names completed by first call INFO: zfilter: zdkimfilter[28455]:id=dkimsign: signing for postmas...@lechevalier.se with domain lechevalier.se, selector s INFO: zfilter: zdkimfilter[28455]:id=dkimsign: response: 250 Ok. ====================== Now this seems to work fine. test.mail now has the DKIM signature added. zdkimfilter.conf: ====================== all_mode = Y verbose = 8 domain_keys = /etc/courier/filters/keys selector = s ====================== I have a symlink /etc/courier/filters/keys/lechevalier.se -> s.private So, when sending emails, I get only the following in my mail log: ====================== Jul 24 00:09:42 e350 courierfilter: zdkimfilter[29197]: started child Jul 24 00:09:42 e350 courierfilter: zdkimfilter[29197]:reading 2 names completed by first call Jul 24 00:09:42 e350 courierfilter: zdkimfilter[29197]:id=0000000000C81E83.0000000051EEFF26.0000720B: response: 250 not filtered. ====================== I'm at a loss now what could be the root cause here. How can I debug this problem? It seems as the verbosity in the log is too low, even though I have verbosity=8. ~A On 2013-07-23 12:54, Alessandro Vesely wrote: > Hi Anders, > > On Sun 21/Jul/2013 13:23:16 +0200 Anders wrote: >> Can someone contribute with some example configuration files for >> zdkimfilter and courier, especially for signing outgoing mail. > something like this zone-file snippet? > > beta._domainkey IN TXT ( "v=DKIM1; k=rsa; " > "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGZmBE7vUMFfhxq" > "pHw46gf55UmKH1B7zsiHD7n/R/mnvdvKabvosrHhcAhuDZcf1hr+8Co" > "LTOr6/rUiJXmJoPeq4d3daD+EeUfNIFov6lDgKuBpxNFTuw6spOpX63" > "xTh9cu7g+6ABQUEnzQmLULdImvcq91g1E9QK7SaEO2aYiXwIDAQAB" ) > > _adsp._domainkey IN TXT "dkim=unknown" > >> I have tried to follow the information from the zdkimfilter website > The old site contained more step-by-step stuff, much of which is still > valid, in particular: > http://www.tana.it/sw/zdkimfilter/v-0.5.shtml#setup > >> and the man/config files but I can't get it to work, not even off-line >> checking/testing against self-generated dkim certs with dkimsign. > Does the test suite work? (`make check') It should leave plenty of > diagnostic data if it fails. Otherwise you can use the -d (--debug) > option to avoid deleting test data, e.g. > > cd tests && ./testsuite -d 4 > > Then, looking at the test files left > > ls testsuite.dir/04 > > might help you figuring out why your checking doesn't work as well. > > Hth > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > See everything from the browser to the database with AppDynamics > Get end-to-end visibility with application monitoring from AppDynamics > Isolate bottlenecks and diagnose root cause in seconds. > Start your free trial of AppDynamics Pro today! > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > _______________________________________________ > courier-users mailing list > courier-users@lists.sourceforge.net > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users