Alin Năstac wrote: > I have the following environment: > - SSP record: _ssp._domainkey IN TXT "dkim=strict" > - my selectors are in following form: tsr._domainkey IN TXT "k=rsa\; > p=..." - one host sends cron job outputs through a secondary mail > server of mine, which signs all mail originating from my domains, > (including subdomains) using its own key. The cron daemon sends mail > using [EMAIL PROTECTED] as originator address. > - the subdomain part of the sender address is an A record > > The mail gets signed and everything, but when my primary server > receives it, authentication fails with > > dkim=hardfail (SSP) [EMAIL PROTECTED] > > Am I doing something wrong or is this a bug of dkim-filter? Alin,
It looks like the i= address in your signature doesn't include the hostname that is in the From address in the message. For that reason, the signing address does not match the From address, and since you have published Strict practices, the SSP check fails. -Jim ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
