2009/10/6 Daniel <[email protected]>: > Hi Clodoaldo, > > "dkim=neutral (no key)" means that gmail couldn't find a matching key to > verify your signature. > > > So, how does gmail (or any other dkim verifier) find a matching key? > > It relies on the "selector name" from the header. This line in email header > "... s=domain1.com_default.key.pem; t=1254783208;..." is saying that the > selector name is "domain1.com_default.key.pem". > > Dkim-milter specified that as selector because your > /etc/mail/dkim-milter/keys/keylist file says so. > > Now if you look at the DNS record for your domain (masked as domain1.com > below), do you have a DKIM public key record (TXT type DNS record) with name > "domain1.com_default.key.pem._domainkey" and value being the matching public > key? > > You probably have something like "default._domainkey", which is not > "domain1.com_default.key.pem._domainkey" specified in your signature, > therefore there is no matching key.
Your post fills the points I was missing. Thanks, Clodoaldo > > You may find this helpful too: > http://allaboutlamp.com/2009/09/setup-dkim-for-postfix-in-fedora-using-dkim- > milter/ > > Daniel > > -----Original Message----- > From: Clodoaldo Neto [mailto:[email protected]] > Sent: Tuesday, 6 October 2009 10:28 AM > To: [email protected] > Subject: [dkim-milter-discuss] Sent email not signed > > I'm trying to setup dkim-milter in Centos 5 with postfix. > > It is working but emails are not signed. Or that is what I think as > the Gmail interface does not show the "signed by" line. > > I have this line in dkim-filter.conf: > > KeyList /etc/mail/dkim-milter/keys/keylist > > And in that file there are some lines: > > *:domain1.com:/etc/mail/dkim-milter/keys/domain1.com_default.key.pem > *:domain2.com:/etc/mail/dkim-milter/keys/domain2.com_default.key.pem > *:domain3.com:/etc/mail/dkim-milter/keys/domain3.com_default.key.pem > *:domain4.com:/etc/mail/dkim-milter/keys/domain4.com_default.key.pem > > And in /etc/sysconfig/dkim-milter: > > SIGNING_DOMAIN="domain3.com" > SELECTOR_NAME="default" > > This is the received email header. Notice there is a dkim-signature > and "dkim=neutral (no key)" > > Delivered-To: [email protected] > Received: by 10.210.43.3 with SMTP id q3cs565042ebq; > Mon, 5 Oct 2009 15:53:31 -0700 (PDT) > Received: by 10.91.27.5 with SMTP id e5mr281425agj.91.1254783210482; > Mon, 05 Oct 2009 15:53:30 -0700 (PDT) > Return-Path: <[email protected]> > Received: from domain4.com (domain4.com [71.6.151.155]) > by mx.google.com with ESMTP id > 29si14153623iwn.51.2009.10.05.15.53.28; > Mon, 05 Oct 2009 15:53:29 -0700 (PDT) > Received-SPF: pass (google.com: domain of [email protected] designates > 71.6.151.155 as permitted sender) client-ip=71.6.151.155; > Authentication-Results: mx.google.com; spf=pass (google.com: domain of > [email protected] designates 71.6.151.155 as permitted sender) > [email protected]; dkim=neutral (no key) > [email protected] > Received: from domain2.com (localhost.localdomain [127.0.0.1]) > by domain4.com (Postfix) with ESMTP id 2D25FFFA3C > for <[email protected]>; Mon, 5 Oct 2009 22:53:28 +0000 > (UTC) > DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=domain1.com; > s=domain1.com_default.key.pem; t=1254783208; > bh=Dl+rAYii6RHi2CH7gDRPLZsASUVn3ldY2PVg3HEeftM=; > h=From:To:Subject:Reply-To:MIME-Version:Content-Type: > Content-Transfer-Encoding:Message-Id:Date; > b=rCRQvJGfVd5EPSHOOtOkxNcSIeUKTVewPjGLmCuRkRDwek6J9d0FGoAyS2Py+NZHb > r9RtcsY3vxv4DpGPZYRX050klMmATXt9idA7FjoImJIr2F2iOcNtg/jzONS2hheb+j > H2A4CoD16EzTILGM4JOU4yCcQcI/BYltTLavbiOc= > From: =?utf-8?q?Carro_a_Rodo?= > <[email protected]> > To: =?utf-8?q?fulano_de_tal?= > <[email protected]> > Subject: =?utf-8?q?An=C3=BAncio_no_site_Carro_a_Rodo?= > Reply-To: <[email protected]> > MIME-Version: 1.0 > Content-Type: text/plain; charset="utf-8" > Content-Transfer-Encoding: base64 > Message-Id: <[email protected]> > Date: Mon, 5 Oct 2009 22:53:28 +0000 (UTC) > > What am I missing? > > Regards, Clodoaldo > > ---------------------------------------------------------------------------- > -- > Come build with us! The BlackBerry® Developer Conference in SF, CA > is the only developer event you need to attend this year. Jumpstart your > developing skills, take BlackBerry mobile applications to market and stay > ahead of the curve. Join us from November 9-12, 2009. Register now! > http://p.sf.net/sfu/devconf > _______________________________________________ > dkim-milter-discuss mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss > > > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
