On Sat, 14 Feb 2009, Tomasz Chmielewski wrote:
Why not? You could have a "default" selector in each domain, all using the same key if that's what you want.

How do I make a key that is valid for all domains?

Use the same key file for all entries in your keylist.

dkim-genkey seems to require -d <domain> option.

You would only need to use that once.

I tried to use one domain's key for another (same private key for signing, same public key in DNS), but I get:

Authentication-Results: my.mta.tld (amavisd-new); dkim=softfail (fail,
    OpenSSL error: data too large for key size)
    [email protected]

That's a new one on me. I'd guess you generated a key that was too small to contain the hash payload. What key size did you select?

Looks like some "cool" cPanel thingy likes to mess with DNS entries you create manually...

I had both:

default._domainkey     14400   IN      TXT     "...
default._domainkey.mydomain.tld.     14400   IN      TXT     "...

Which caused this error.

If that's the zone file for "mydomain.tld", those are synonymous. But it also means a query for your "default" key returns two records, and the behaviour in that case is undefined.
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
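
The duplicate described in the message above can be caught before a zone is published. This is an added example, not part of the original thread or of dkim-milter: it expands relative and absolute owner names against the zone origin and reports any `_domainkey` name that carries more than one TXT record. It assumes one record per line; the sample zone and the key placeholder are constructed.

```python
"""Find DKIM selector names that carry more than one TXT record in a zone."""
from collections import defaultdict

# Constructed sample: the two owner names from the thread, as they would sit
# in the zone file for "mydomain.tld". Key data is a placeholder.
SAMPLE_ZONE = '''\
@                                 14400 IN TXT "v=spf1 mx -all"
default._domainkey                14400 IN TXT "v=DKIM1; k=rsa; p=PLACEHOLDER"
default._domainkey.mydomain.tld.  14400 IN TXT "v=DKIM1; k=rsa; p=PLACEHOLDER"
mail._domainkey                   14400 IN TXT "v=DKIM1; k=rsa; p=PLACEHOLDER"
'''


def absolute_name(owner, origin):
    """Expand a zone-file owner name to a lower-case FQDN with trailing dot."""
    owner = owner.lower()
    if owner == "@":
        return origin
    if owner.endswith("."):
        return owner                      # already absolute
    return owner + "." + origin           # relative: append the origin


def duplicate_selectors(zone_text, origin):
    """Return {fqdn: [line numbers]} for _domainkey TXT names defined twice or more."""
    origin = origin.lower().rstrip(".") + "."
    seen = defaultdict(list)
    owner = None
    for lineno, raw in enumerate(zone_text.splitlines(), 1):
        if not raw.strip() or raw.lstrip().startswith(";"):
            continue
        # Only tokenise the part before the quoted data: TXT data contains ';'.
        fields = raw.split('"', 1)[0].split()
        if not fields:
            continue
        if fields[0].startswith("$"):
            if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
                origin = fields[1].lower().rstrip(".") + "."
            continue
        if not raw[0].isspace():          # leading blank = same owner as before
            owner = absolute_name(fields.pop(0), origin)
        if owner and "._domainkey." in owner and "TXT" in (f.upper() for f in fields):
            seen[owner].append(lineno)
    return {name: lines for name, lines in seen.items() if len(lines) > 1}


if __name__ == "__main__":
    for name, lines in duplicate_selectors(SAMPLE_ZONE, "mydomain.tld").items():
        print(f"{name} has {len(lines)} TXT records (lines {lines})")
```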
