I remember something like this happening when I first tried to begin DKIM signing years ago. I got an obscure numbered error too, although I'm not sure if it was "-101".
Anyhow, the problem turned out that I was trying to reuse a Yahoo DomainKeys key that I had already published in DNS. Since the key format did not change incompatibly between YDK and DKIM, this should have saved me the trouble of updating my DNS with a fresh key. However, DKIM happens to feature a minimum key size (512, plus a strong recommendation to use at least 1024) that is larger than that generated by the YDK tools under default settings. The crypto library incorporated into Exim seems to barf on undersize keys -- tracing the problem showed that the code was expecting one field of the private key file to be larger than it really was (or something like that -- this was along time ago). A freshly generated key of an officially supported size worked. Upshot: double check your key to see that it is actually big enough for DKIM. ---- Michael Deutschmann <[email protected]> -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
